package com.microsoft.teams.vault.utils;

import androidx.core.util.Pair;
import com.apollographql.apollo.ApolloCall;
import com.apollographql.apollo.api.Response;
import com.apollographql.apollo.exception.ApolloException;
import com.microsoft.skype.teams.services.configuration.IEndpointManager;
import com.microsoft.skype.teams.services.diagnostics.StatusCode;
import com.microsoft.skype.teams.services.diagnostics.telemetryschema.ScenarioContext;
import com.microsoft.skype.teams.services.diagnostics.telemetryschema.ScenarioName;
import com.microsoft.teams.core.app.ITeamsApplication;
import com.microsoft.teams.core.models.UserPreferences;
import com.microsoft.teams.core.services.IAuthenticationService;
import com.microsoft.teams.nativecore.logger.ILogger;
import com.microsoft.teams.nativecore.preferences.IPreferences;
import com.microsoft.teams.networkutils.CallResponse;
import com.microsoft.teams.networkutils.ServerError;
import com.microsoft.teams.telemetry.logger.ITelemetryLogger;
import com.microsoft.teams.vault.services.IVaultAppData;
import com.microsoft.teams.vault.services.network.CreateUserMutation;
import com.microsoft.teams.vault.services.network.DeleteAllSecretsMutation;
import com.microsoft.teams.vault.services.network.GraphQLExecutor;
import com.microsoft.teams.vault.services.network.IGraphQLExecutor;
import com.microsoft.teams.vault.services.network.UpdateUserMutation;
import com.microsoft.teams.vault.services.network.UpdateUserToAddKeyBundleMutation;
import com.microsoft.teams.vault.services.network.UserQuery;
import com.microsoft.teams.vault.services.network.VaultGraphQLErrorHandler;
import com.microsoft.teams.vault.telemetry.IVaultTelemetryHelper;
import java.io.UnsupportedEncodingException;
import java.util.List;
import java.util.Map;

/* loaded from: classes5.dex */
public class UserKeyBundleHelper implements IUserKeyBundleHelper {
    private static final String ENCODING_FORMAT = "UTF-8";
    private static final int ITERATIONS = 100000;
    private static final String TAG = "UserKeyBundleHelper";
    public static final String TIMESTAMP_PREFIX = "Timestamp=";
    private final IAsymmetricEncryption mAsymmetricEncryption;
    private String mClientKey;
    private ApolloCall.Callback<CreateUserMutation.Data> mCreateUserMutationCallback;
    private ApolloCall.Callback<DeleteAllSecretsMutation.Data> mDeleteAllSecretsCallback;
    private String mETag;
    private String mEncryptedPrivateKey;
    private final IGraphQLExecutor mGraphQLExecutor;
    private boolean mHasRemoteKey;
    private boolean mIsRecoveryEnabled;
    private int mKeyBundleVersion;
    private final ILogger mLogger;
    private String mMSAEncryptedClientKey;
    private String mMSAKeyVersion;
    private final IPreferences mPreferences;
    private String mPrivateKey;
    private String mPublicKey;
    private int mRevision;
    private final ISymmetricEncryption mSymmetricEncryption;
    private final String mTag = UserKeyBundleHelper.class.getSimpleName();
    private final ITeamsApplication mTeamsApplication;
    private ApolloCall.Callback<UpdateUserMutation.Data> mUpdateUserRecoveryCallback;
    private ApolloCall.Callback<UpdateUserToAddKeyBundleMutation.Data> mUpdateUserToAddKeyBundleMutationCallback;
    private String mUserObjId;
    private ApolloCall.Callback<UserQuery.Data> mUserQueryCallback;
    private final IVaultAppData mVaultAppData;
    private final IVaultTelemetryHelper mVaultTelemetryHelper;

    public UserKeyBundleHelper(ILogger iLogger, IAuthenticationService iAuthenticationService, IAsymmetricEncryption iAsymmetricEncryption, IEndpointManager iEndpointManager, IVaultTelemetryHelper iVaultTelemetryHelper, ITeamsApplication iTeamsApplication, IVaultAppData iVaultAppData, ISymmetricEncryption iSymmetricEncryption, IPreferences iPreferences, ITelemetryLogger iTelemetryLogger) {
        this.mLogger = iLogger;
        this.mGraphQLExecutor = new GraphQLExecutor(iEndpointManager, iLogger, iTelemetryLogger);
        this.mAsymmetricEncryption = iAsymmetricEncryption;
        this.mVaultTelemetryHelper = iVaultTelemetryHelper;
        this.mTeamsApplication = iTeamsApplication;
        this.mVaultAppData = iVaultAppData;
        this.mSymmetricEncryption = iSymmetricEncryption;
        this.mPreferences = iPreferences;
        String str = iAuthenticationService.getAuthenticatedUserContext().userObjectId;
        this.mUserObjId = str;
        this.mPrivateKey = this.mPreferences.getStringUserPref(UserPreferences.VAULT_USER_PRIVATE_KEY, str, null);
        this.mPublicKey = this.mPreferences.getStringUserPref(UserPreferences.VAULT_USER_PUBLIC_KEY, this.mUserObjId, null);
        this.mKeyBundleVersion = this.mPreferences.getIntUserPref(UserPreferences.VAULT_USER_KEYBUNDLEVERSION, this.mUserObjId, 1);
        this.mClientKey = this.mPreferences.getStringUserPref(UserPreferences.VAULT_USER_CLIENT_KEY, this.mUserObjId, null);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void decryptClientKey(final CallResponse<String> callResponse) {
        String str = this.mMSAKeyVersion;
        this.mVaultAppData.getMSAKeyWithVersion(str != null ? str.replace(TIMESTAMP_PREFIX, "") : null, new CallResponse<Pair<String, String>>() { // from class: com.microsoft.teams.vault.utils.UserKeyBundleHelper.12
            @Override // com.microsoft.teams.networkutils.CallResponse
            public void onFailure(ServerError serverError) {
                String errorMessage = serverError == null ? "getMSAKey failed" : serverError.getErrorMessage();
                UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.TAG, "decryptClientKey %s", errorMessage);
                callResponse.onFailure(new ServerError(errorMessage));
            }

            @Override // com.microsoft.teams.networkutils.CallResponse
            public void onSuccess(Pair<String, String> pair) {
                byte[] decryptSecret = UserKeyBundleHelper.this.mSymmetricEncryption.decryptSecret(UserKeyBundleHelper.this.mMSAEncryptedClientKey, pair.first);
                if (decryptSecret == null) {
                    UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.TAG, "decryptClientKey decryptSecret returned null bytes", new Object[0]);
                    callResponse.onFailure(new ServerError("decryptClientKey decryptSecret returned null bytes"));
                    return;
                }
                try {
                    callResponse.onSuccess(new String(decryptSecret, "UTF-8"));
                } catch (UnsupportedEncodingException e) {
                    UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.TAG, "decryptClientKey %s", e.getMessage());
                    callResponse.onFailure(new ServerError(e.getMessage()));
                }
            }
        });
    }

    private void decryptPrivateKey(String str) {
        String decryptPrivateKey = this.mAsymmetricEncryption.decryptPrivateKey(this.mEncryptedPrivateKey, str);
        if (decryptPrivateKey == null) {
            this.mLogger.log(7, this.mTag, "decrypt PrivateKey failed", new Object[0]);
            return;
        }
        this.mPrivateKey = decryptPrivateKey;
        this.mClientKey = str;
        saveDataInPreferencesDao();
    }

    private void encryptClientKey(final CallResponse<Pair<String, String>> callResponse, String str) {
        String str2 = this.mMSAKeyVersion;
        this.mVaultAppData.getMSAKeyWithVersion(str2 != null ? str2.replace(TIMESTAMP_PREFIX, "") : null, new CallResponse<Pair<String, String>>() { // from class: com.microsoft.teams.vault.utils.UserKeyBundleHelper.11
            @Override // com.microsoft.teams.networkutils.CallResponse
            public void onFailure(ServerError serverError) {
                UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.TAG, "encryptClientKey %s", serverError != null ? serverError.getErrorMessage() : "getMSAKey failed");
                callResponse.onFailure(serverError);
            }

            @Override // com.microsoft.teams.networkutils.CallResponse
            public void onSuccess(Pair<String, String> pair) {
                callResponse.onSuccess(new Pair(UserKeyBundleHelper.this.mSymmetricEncryption.encryptSecret(pair.first.replace("\n", ""), UserKeyBundleHelper.this.mClientKey, null).replace("\n", ""), pair.second));
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public int findLatestKeyId(List<UserQuery.KeyBundle> list) {
        int i = 0;
        int i2 = 0;
        for (int i3 = 0; i3 < list.size(); i3++) {
            if (list.get(i3).id().intValue() > i2) {
                i2 = list.get(i3).id().intValue();
                i = i3;
            }
        }
        return i;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public int findLatestKeyIdOnResetUserResponse(List<UpdateUserToAddKeyBundleMutation.KeyBundle> list) {
        int i = 0;
        int i2 = 0;
        for (int i3 = 0; i3 < list.size(); i3++) {
            if (list.get(i3).id().intValue() > i2) {
                i2 = list.get(i3).id().intValue();
                i = i3;
            }
        }
        return i;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void saveDataInPreferencesDao() {
        this.mPreferences.putStringUserPref(UserPreferences.VAULT_USER_PRIVATE_KEY, this.mPrivateKey, this.mUserObjId);
        this.mPreferences.putStringUserPref(UserPreferences.VAULT_USER_PUBLIC_KEY, this.mPublicKey, this.mUserObjId);
        this.mPreferences.putIntUserPref(UserPreferences.VAULT_USER_KEYBUNDLEVERSION, this.mKeyBundleVersion, this.mUserObjId);
        this.mPreferences.putStringUserPref(UserPreferences.VAULT_USER_CLIENT_KEY, this.mClientKey, this.mUserObjId);
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public void checkUserKeyBundleVersion(final CallResponse<Boolean> callResponse) {
        ApolloCall.Callback<UserQuery.Data> callback = new ApolloCall.Callback<UserQuery.Data>() { // from class: com.microsoft.teams.vault.utils.UserKeyBundleHelper.2
            @Override // com.apollographql.apollo.ApolloCall.Callback
            public void onFailure(ApolloException apolloException) {
                UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "checkUserKeyBundleVersion failed: %s", apolloException.getMessage());
                callResponse.onFailure(null);
            }

            @Override // com.apollographql.apollo.ApolloCall.Callback
            public void onResponse(Response<UserQuery.Data> response) {
                if (response.data() == null || response.data().user() == null || response.data().user().keyBundles() == null || response.data().user().keyBundles().size() <= 0) {
                    UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "checkUserKeyBundleVersion no keyBundles found", new Object[0]);
                    callResponse.onFailure(null);
                    return;
                }
                UserQuery.User user = response.data().user();
                boolean z = user.keyBundles().get(UserKeyBundleHelper.this.findLatestKeyId(user.keyBundles())).id().intValue() <= UserKeyBundleHelper.this.mKeyBundleVersion;
                UserKeyBundleHelper.this.mETag = user.eTag();
                UserKeyBundleHelper.this.mRevision = user.revision().intValue();
                UserKeyBundleHelper.this.mLogger.log(3, UserKeyBundleHelper.this.mTag, "checkUserKeyBundleVersion has latestKeyBundle %b", Boolean.valueOf(z));
                callResponse.onSuccess(Boolean.valueOf(z));
            }
        };
        this.mUserQueryCallback = callback;
        this.mGraphQLExecutor.queryUser(null, callback);
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public String createClientKey() {
        String generateClientKey = PasswordDerivedEncryptionHelper.generateClientKey();
        this.mClientKey = generateClientKey;
        return generateClientKey;
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public void createKeyPair(String str, final boolean z, final CallResponse<ScenarioContext> callResponse) {
        final ScenarioContext startScenario = this.mVaultTelemetryHelper.startScenario(ScenarioName.Vault.CREATE_USER, null);
        Map<String, String> initKey = this.mAsymmetricEncryption.initKey();
        if (initKey == null || initKey.get(AsymmetricEncryption.PUBLIC_KEY) == null || initKey.get(AsymmetricEncryption.PRIVATE_KEY) == null) {
            this.mLogger.log(7, this.mTag, "createKeyPair: generate keys failed", new Object[0]);
            callResponse.onFailure(null);
            return;
        }
        final String replace = initKey.get(AsymmetricEncryption.PUBLIC_KEY).replace("\n", "");
        final String replace2 = initKey.get(AsymmetricEncryption.PRIVATE_KEY).replace("\n", "");
        final String encryptPrivateKey = this.mAsymmetricEncryption.encryptPrivateKey(replace2, str, PasswordDerivedEncryptionHelper.getSalt(), ITERATIONS, null);
        if (encryptPrivateKey == null) {
            this.mLogger.log(7, this.mTag, "createKeyPair: encrypt PrivateKey failed", new Object[0]);
            callResponse.onFailure(null);
            return;
        }
        this.mEncryptedPrivateKey = encryptPrivateKey;
        ApolloCall.Callback<CreateUserMutation.Data> callback = new ApolloCall.Callback<CreateUserMutation.Data>() { // from class: com.microsoft.teams.vault.utils.UserKeyBundleHelper.3
            @Override // com.apollographql.apollo.ApolloCall.Callback
            public void onFailure(ApolloException apolloException) {
                UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "CreateUser failed: %s", apolloException.getMessage());
                callResponse.onFailure(null);
                UserKeyBundleHelper.this.mVaultTelemetryHelper.endScenarioOnFailure(startScenario, StatusCode.VaultStatusCode.SERVICE_CALL_FAILED, apolloException.getMessage());
            }

            @Override // com.apollographql.apollo.ApolloCall.Callback
            public void onResponse(Response<CreateUserMutation.Data> response) {
                CreateUserMutation.CreateUser createUser;
                if (response.data() == null || (createUser = response.data().createUser()) == null || createUser.keyBundles() == null || createUser.keyBundles().size() <= 0) {
                    UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "CreateUser failed", new Object[0]);
                    callResponse.onFailure(null);
                    UserKeyBundleHelper.this.mVaultTelemetryHelper.endScenarioOnFailure(startScenario, "UNKNOWN", "failure");
                    return;
                }
                UserKeyBundleHelper.this.mPrivateKey = replace2;
                UserKeyBundleHelper.this.mPublicKey = replace;
                UserKeyBundleHelper.this.mKeyBundleVersion = createUser.keyBundles().get(0).id().intValue();
                UserKeyBundleHelper.this.mETag = createUser.eTag();
                UserKeyBundleHelper.this.mRevision = createUser.revision().intValue();
                if (createUser.msaEncryptedClientKey() != null) {
                    UserKeyBundleHelper.this.mMSAEncryptedClientKey = createUser.msaEncryptedClientKey().encryptedValue();
                    UserKeyBundleHelper.this.mMSAKeyVersion = createUser.msaEncryptedClientKey().encryptionKeyVersion();
                } else {
                    UserKeyBundleHelper.this.mMSAEncryptedClientKey = null;
                }
                UserKeyBundleHelper.this.mIsRecoveryEnabled = z;
                UserKeyBundleHelper.this.saveDataInPreferencesDao();
                callResponse.onSuccess(startScenario);
            }
        };
        this.mCreateUserMutationCallback = callback;
        if (z) {
            encryptClientKey(new CallResponse<Pair<String, String>>() { // from class: com.microsoft.teams.vault.utils.UserKeyBundleHelper.4
                @Override // com.microsoft.teams.networkutils.CallResponse
                public void onFailure(ServerError serverError) {
                    UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "encryptClientKey failed", new Object[0]);
                    callResponse.onFailure(null);
                }

                @Override // com.microsoft.teams.networkutils.CallResponse
                public void onSuccess(Pair<String, String> pair) {
                    UserKeyBundleHelper.this.mGraphQLExecutor.createUser(replace, encryptPrivateKey, pair.first, UserKeyBundleHelper.TIMESTAMP_PREFIX + pair.second, UserKeyBundleHelper.this.mCreateUserMutationCallback);
                }
            }, str);
        } else {
            this.mGraphQLExecutor.createUser(replace, encryptPrivateKey, null, null, callback);
        }
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public String decryptVaultKey(String str) {
        String str2 = this.mPrivateKey;
        if (str2 != null) {
            return this.mAsymmetricEncryption.decryptByPrivateKey(str, str2);
        }
        this.mLogger.log(8, this.mTag, "mPrivateKey can not be null", new Object[0]);
        return null;
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public void deleteAllSecrets(final CallResponse<String> callResponse, final ScenarioContext scenarioContext) {
        ApolloCall.Callback<DeleteAllSecretsMutation.Data> callback = new ApolloCall.Callback<DeleteAllSecretsMutation.Data>() { // from class: com.microsoft.teams.vault.utils.UserKeyBundleHelper.8
            @Override // com.apollographql.apollo.ApolloCall.Callback
            public void onFailure(ApolloException apolloException) {
                callResponse.onFailure(null);
                UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "deleteAllSecrets failed %s", apolloException.getMessage());
                UserKeyBundleHelper.this.mVaultTelemetryHelper.endScenarioOnFailure(scenarioContext, StatusCode.VaultStatusCode.SERVICE_CALL_FAILED, apolloException.getMessage());
            }

            @Override // com.apollographql.apollo.ApolloCall.Callback
            public void onResponse(Response<DeleteAllSecretsMutation.Data> response) {
                if (response.data() != null && response.data().deleteAllSecrets() != null) {
                    callResponse.onSuccess(null);
                    UserKeyBundleHelper.this.mLogger.log(3, UserKeyBundleHelper.this.mTag, "deleteAllSecrets %d", Integer.valueOf(response.data().deleteAllSecrets().deletedSecretIds().size()));
                } else {
                    callResponse.onFailure(null);
                    UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "deleteAllSecrets failed data is null", new Object[0]);
                    UserKeyBundleHelper.this.mVaultTelemetryHelper.endScenarioOnFailure(scenarioContext, StatusCode.VaultStatusCode.NULL_RESPONSE, "data is null");
                }
            }
        };
        this.mDeleteAllSecretsCallback = callback;
        this.mGraphQLExecutor.deleteAllSecrets(callback);
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public void deleteKeys() {
        this.mPrivateKey = null;
        this.mPublicKey = null;
        this.mClientKey = null;
        this.mKeyBundleVersion = 0;
        this.mEncryptedPrivateKey = null;
        this.mMSAEncryptedClientKey = null;
        this.mMSAKeyVersion = null;
        this.mETag = null;
        this.mRevision = 0;
        if (this.mPreferences.containsUserPref(UserPreferences.VAULT_PREFERENCES, this.mUserObjId)) {
            this.mPreferences.removeUserPref(UserPreferences.VAULT_PREFERENCES, this.mUserObjId);
        }
        if (this.mPreferences.containsUserPref(UserPreferences.VAULT_USER_PRIVATE_KEY, this.mUserObjId)) {
            this.mPreferences.removeUserPref(UserPreferences.VAULT_USER_PRIVATE_KEY, this.mUserObjId);
        }
        if (this.mPreferences.containsUserPref(UserPreferences.VAULT_USER_PUBLIC_KEY, this.mUserObjId)) {
            this.mPreferences.removeUserPref(UserPreferences.VAULT_USER_PUBLIC_KEY, this.mUserObjId);
        }
        if (this.mPreferences.containsUserPref(UserPreferences.VAULT_USER_KEYBUNDLEVERSION, this.mUserObjId)) {
            this.mPreferences.removeUserPref(UserPreferences.VAULT_USER_KEYBUNDLEVERSION, this.mUserObjId);
        }
        if (this.mPreferences.containsUserPref(UserPreferences.VAULT_USER_CLIENT_KEY, this.mUserObjId)) {
            this.mPreferences.removeUserPref(UserPreferences.VAULT_USER_CLIENT_KEY, this.mUserObjId);
        }
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public String getCachedClientKey() {
        return this.mClientKey;
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public String getCachedPrivateKey() {
        return this.mPrivateKey;
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public String getCachedPublicKey() {
        return this.mPublicKey;
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public int getCachedUserKeyBundleVersion() {
        return this.mKeyBundleVersion;
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public boolean getHasRecovery() {
        return this.mIsRecoveryEnabled;
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public boolean getHasRemoteKey() {
        return this.mHasRemoteKey;
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public boolean isPassphraseAuthentic(String str) {
        boolean isPassphraseAuthentic = this.mAsymmetricEncryption.isPassphraseAuthentic(str, this.mEncryptedPrivateKey);
        this.mLogger.log(5, this.mTag, "isPassphraseAuthentic: %b", Boolean.valueOf(isPassphraseAuthentic));
        if (isPassphraseAuthentic) {
            decryptPrivateKey(str);
        }
        return isPassphraseAuthentic;
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public void requestPrivateKey(final CallResponse<String> callResponse) {
        ApolloCall.Callback<UserQuery.Data> callback = new ApolloCall.Callback<UserQuery.Data>() { // from class: com.microsoft.teams.vault.utils.UserKeyBundleHelper.1
            @Override // com.apollographql.apollo.ApolloCall.Callback
            public void onFailure(ApolloException apolloException) {
                UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "requestPrivateKey failed: %s", apolloException.getMessage());
                callResponse.onFailure(null);
            }

            @Override // com.apollographql.apollo.ApolloCall.Callback
            public void onResponse(Response<UserQuery.Data> response) {
                UserQuery.User user;
                if (response.data() == null || (user = response.data().user()) == null || user.keyBundles() == null || user.keyBundles().size() <= 0) {
                    UserKeyBundleHelper.this.mLogger.log(3, UserKeyBundleHelper.this.mTag, "requestPrivateKey no keyBundles found", new Object[0]);
                    UserKeyBundleHelper.this.mHasRemoteKey = false;
                    callResponse.onSuccess(null);
                    return;
                }
                int findLatestKeyId = UserKeyBundleHelper.this.findLatestKeyId(user.keyBundles());
                UserKeyBundleHelper.this.mEncryptedPrivateKey = user.keyBundles().get(findLatestKeyId).clientKeyEncryptedPrivate();
                UserKeyBundleHelper.this.mPublicKey = user.keyBundles().get(findLatestKeyId).public_();
                UserKeyBundleHelper.this.mKeyBundleVersion = user.keyBundles().get(findLatestKeyId).id().intValue();
                UserKeyBundleHelper.this.mRevision = user.revision().intValue();
                UserKeyBundleHelper.this.mETag = user.eTag();
                UserKeyBundleHelper.this.mHasRemoteKey = true;
                if (user.msaEncryptedClientKey() == null || user.msaEncryptedClientKey().encryptedValue() == null) {
                    UserKeyBundleHelper.this.mIsRecoveryEnabled = false;
                    UserKeyBundleHelper.this.mLogger.log(3, UserKeyBundleHelper.this.mTag, "requestPrivateKey latest keyBundle %d", Integer.valueOf(UserKeyBundleHelper.this.mKeyBundleVersion));
                    callResponse.onSuccess(UserKeyBundleHelper.this.mEncryptedPrivateKey);
                } else {
                    UserKeyBundleHelper.this.mIsRecoveryEnabled = true;
                    UserKeyBundleHelper.this.mMSAEncryptedClientKey = user.msaEncryptedClientKey().encryptedValue();
                    UserKeyBundleHelper.this.mMSAKeyVersion = user.msaEncryptedClientKey().encryptionKeyVersion();
                    UserKeyBundleHelper.this.decryptClientKey(new CallResponse<String>() { // from class: com.microsoft.teams.vault.utils.UserKeyBundleHelper.1.1
                        @Override // com.microsoft.teams.networkutils.CallResponse
                        public void onFailure(ServerError serverError) {
                            UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "requestPrivateKey decrypt clientkey failed", new Object[0]);
                            callResponse.onFailure(new ServerError("requestPrivateKey decrypt clientkey failed"));
                        }

                        @Override // com.microsoft.teams.networkutils.CallResponse
                        public void onSuccess(String str) {
                            if (str == null) {
                                UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "requestPrivateKey decrypt clientkey failed", new Object[0]);
                                callResponse.onFailure(new ServerError("requestPrivateKey decrypt clientkey failed"));
                                return;
                            }
                            UserKeyBundleHelper.this.mLogger.log(3, UserKeyBundleHelper.this.mTag, "client key decrypted", new Object[0]);
                            UserKeyBundleHelper.this.mClientKey = str;
                            UserKeyBundleHelper userKeyBundleHelper = UserKeyBundleHelper.this;
                            if (!userKeyBundleHelper.isPassphraseAuthentic(userKeyBundleHelper.mClientKey)) {
                                UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "requestPrivateKey decrypt clientkey is not authentic", new Object[0]);
                                callResponse.onFailure(new ServerError("requestPrivateKey decrypt clientkey is not authentic"));
                            } else {
                                UserKeyBundleHelper.this.mLogger.log(3, UserKeyBundleHelper.this.mTag, "requestPrivateKey latest keyBundle %d", Integer.valueOf(UserKeyBundleHelper.this.mKeyBundleVersion));
                                AnonymousClass1 anonymousClass1 = AnonymousClass1.this;
                                callResponse.onSuccess(UserKeyBundleHelper.this.mEncryptedPrivateKey);
                            }
                        }
                    });
                }
            }
        };
        this.mUserQueryCallback = callback;
        this.mGraphQLExecutor.queryUser(null, callback);
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public void resetUser(String str, boolean z, final CallResponse<ScenarioContext> callResponse) {
        Map<String, String> initKey = this.mAsymmetricEncryption.initKey();
        if (initKey == null || initKey.get(AsymmetricEncryption.PUBLIC_KEY) == null || initKey.get(AsymmetricEncryption.PRIVATE_KEY) == null) {
            this.mLogger.log(7, this.mTag, "resetUser: generate keys failed", new Object[0]);
            callResponse.onFailure(null);
            return;
        }
        final String replace = initKey.get(AsymmetricEncryption.PUBLIC_KEY).replace("\n", "");
        final String replace2 = initKey.get(AsymmetricEncryption.PRIVATE_KEY).replace("\n", "");
        final String encryptPrivateKey = this.mAsymmetricEncryption.encryptPrivateKey(replace2, str, PasswordDerivedEncryptionHelper.getSalt(), ITERATIONS, null);
        if (encryptPrivateKey == null) {
            this.mLogger.log(7, this.mTag, "resetUser: encrypt PrivateKey failed", new Object[0]);
            callResponse.onFailure(null);
            return;
        }
        this.mEncryptedPrivateKey = encryptPrivateKey;
        ApolloCall.Callback<UpdateUserToAddKeyBundleMutation.Data> callback = new ApolloCall.Callback<UpdateUserToAddKeyBundleMutation.Data>() { // from class: com.microsoft.teams.vault.utils.UserKeyBundleHelper.9
            @Override // com.apollographql.apollo.ApolloCall.Callback
            public void onFailure(ApolloException apolloException) {
                UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "resetUser failed: %s", apolloException.getMessage());
            }

            @Override // com.apollographql.apollo.ApolloCall.Callback
            public void onResponse(Response<UpdateUserToAddKeyBundleMutation.Data> response) {
                UpdateUserToAddKeyBundleMutation.UpdateUserToAddKeyBundle updateUserToAddKeyBundle;
                if (response.data() == null || (updateUserToAddKeyBundle = response.data().updateUserToAddKeyBundle()) == null || updateUserToAddKeyBundle.keyBundles() == null || updateUserToAddKeyBundle.keyBundles().size() <= 0) {
                    if (UserKeyBundleHelper.this.mGraphQLExecutor.hasExceptionInResponse(response.errors(), VaultGraphQLErrorHandler.GraphQLException.UserCannotHaveMoreThanTwoKeyBundles)) {
                        UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "resetUser failed: UserCannotHaveMoreThanTwoKeyBundles", new Object[0]);
                    } else if (UserKeyBundleHelper.this.mGraphQLExecutor.hasExceptionInResponse(response.errors(), VaultGraphQLErrorHandler.GraphQLException.RequiredToWait10MinsAfterAddingNextKeyBundleId)) {
                        UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "resetUser failed: RequiredToWait10MinsAfterAddingNextKeyBundleId", new Object[0]);
                    }
                    UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "resetUser failed ", new Object[0]);
                    callResponse.onFailure(null);
                    return;
                }
                int findLatestKeyIdOnResetUserResponse = UserKeyBundleHelper.this.findLatestKeyIdOnResetUserResponse(updateUserToAddKeyBundle.keyBundles());
                UserKeyBundleHelper.this.mPrivateKey = replace2;
                UserKeyBundleHelper.this.mPublicKey = replace;
                UserKeyBundleHelper.this.mKeyBundleVersion = updateUserToAddKeyBundle.keyBundles().get(findLatestKeyIdOnResetUserResponse).id().intValue();
                UserKeyBundleHelper.this.mRevision = updateUserToAddKeyBundle.revision().intValue();
                UserKeyBundleHelper.this.mETag = updateUserToAddKeyBundle.eTag();
                if (updateUserToAddKeyBundle.msaEncryptedClientKey() != null) {
                    UserKeyBundleHelper.this.mMSAEncryptedClientKey = updateUserToAddKeyBundle.msaEncryptedClientKey().encryptedValue();
                    UserKeyBundleHelper.this.mMSAKeyVersion = updateUserToAddKeyBundle.msaEncryptedClientKey().encryptionKeyVersion();
                    UserKeyBundleHelper.this.mIsRecoveryEnabled = true;
                } else {
                    UserKeyBundleHelper.this.mMSAEncryptedClientKey = null;
                    UserKeyBundleHelper.this.mIsRecoveryEnabled = false;
                }
                UserKeyBundleHelper.this.saveDataInPreferencesDao();
                callResponse.onSuccess(null);
            }
        };
        this.mUpdateUserToAddKeyBundleMutationCallback = callback;
        if (z) {
            encryptClientKey(new CallResponse<Pair<String, String>>() { // from class: com.microsoft.teams.vault.utils.UserKeyBundleHelper.10
                @Override // com.microsoft.teams.networkutils.CallResponse
                public void onFailure(ServerError serverError) {
                    UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "encryptClientKey failed", new Object[0]);
                    callResponse.onFailure(null);
                }

                @Override // com.microsoft.teams.networkutils.CallResponse
                public void onSuccess(Pair<String, String> pair) {
                    UserKeyBundleHelper.this.mGraphQLExecutor.updateUserToAddKeyBundle(replace, encryptPrivateKey, pair.first, UserKeyBundleHelper.TIMESTAMP_PREFIX + pair.second, UserKeyBundleHelper.this.mKeyBundleVersion + 1, UserKeyBundleHelper.this.mRevision, UserKeyBundleHelper.this.mETag, UserKeyBundleHelper.this.mUpdateUserToAddKeyBundleMutationCallback);
                }
            }, str);
        } else {
            this.mGraphQLExecutor.updateUserToAddKeyBundle(replace, encryptPrivateKey, null, null, this.mKeyBundleVersion + 1, this.mRevision, this.mETag, callback);
        }
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public void syncUser(final CallResponse<Boolean> callResponse) {
        ApolloCall.Callback<UserQuery.Data> callback = new ApolloCall.Callback<UserQuery.Data>() { // from class: com.microsoft.teams.vault.utils.UserKeyBundleHelper.7
            @Override // com.apollographql.apollo.ApolloCall.Callback
            public void onFailure(ApolloException apolloException) {
                UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "syncUser failed: %s", apolloException.getMessage());
                callResponse.onFailure(null);
            }

            @Override // com.apollographql.apollo.ApolloCall.Callback
            public void onResponse(Response<UserQuery.Data> response) {
                if (response.data() == null || response.data().user() == null) {
                    UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "syncUser response has error", new Object[0]);
                    callResponse.onFailure(null);
                    return;
                }
                UserQuery.User user = response.data().user();
                UserKeyBundleHelper.this.mETag = user.eTag();
                UserKeyBundleHelper.this.mRevision = user.revision().intValue();
                UserKeyBundleHelper.this.mIsRecoveryEnabled = user.msaEncryptedClientKey() != null;
                callResponse.onSuccess(Boolean.valueOf(UserKeyBundleHelper.this.mIsRecoveryEnabled));
            }
        };
        this.mUserQueryCallback = callback;
        this.mGraphQLExecutor.queryUser(null, callback);
    }

    @Override // com.microsoft.teams.vault.utils.IUserKeyBundleHelper
    public void updateUserRecovery(final boolean z, final CallResponse callResponse, final ScenarioContext scenarioContext) {
        ApolloCall.Callback<UpdateUserMutation.Data> callback = new ApolloCall.Callback<UpdateUserMutation.Data>() { // from class: com.microsoft.teams.vault.utils.UserKeyBundleHelper.5
            @Override // com.apollographql.apollo.ApolloCall.Callback
            public void onFailure(ApolloException apolloException) {
                String str = "updateUserRecovery failed: " + apolloException.getMessage();
                UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, str, new Object[0]);
                UserKeyBundleHelper.this.mVaultTelemetryHelper.endScenarioOnFailure(scenarioContext, StatusCode.VaultStatusCode.SERVICE_CALL_FAILED, str);
                callResponse.onFailure(null);
            }

            @Override // com.apollographql.apollo.ApolloCall.Callback
            public void onResponse(Response<UpdateUserMutation.Data> response) {
                if (response.data() == null || response.data().updateUser() == null) {
                    UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "updateUserRecovery failed data is null", new Object[0]);
                    callResponse.onFailure(null);
                    UserKeyBundleHelper.this.mVaultTelemetryHelper.endScenarioOnFailure(scenarioContext, StatusCode.VaultStatusCode.NULL_RESPONSE, "updateUserRecovery failed data is null");
                    return;
                }
                UserKeyBundleHelper.this.mIsRecoveryEnabled = z;
                UpdateUserMutation.UpdateUser updateUser = response.data().updateUser();
                UserKeyBundleHelper.this.mETag = updateUser.eTag();
                UserKeyBundleHelper.this.mRevision = updateUser.revision().intValue();
                if (updateUser.msaEncryptedClientKey() != null) {
                    UserKeyBundleHelper.this.mMSAEncryptedClientKey = updateUser.msaEncryptedClientKey().encryptedValue();
                    UserKeyBundleHelper.this.mMSAKeyVersion = updateUser.msaEncryptedClientKey().encryptionKeyVersion();
                } else {
                    UserKeyBundleHelper.this.mMSAEncryptedClientKey = null;
                }
                callResponse.onSuccess(null);
                UserKeyBundleHelper.this.mVaultTelemetryHelper.endScenarioOnSuccess(scenarioContext);
            }
        };
        this.mUpdateUserRecoveryCallback = callback;
        if (z) {
            encryptClientKey(new CallResponse<Pair<String, String>>() { // from class: com.microsoft.teams.vault.utils.UserKeyBundleHelper.6
                @Override // com.microsoft.teams.networkutils.CallResponse
                public void onFailure(ServerError serverError) {
                    UserKeyBundleHelper.this.mLogger.log(7, UserKeyBundleHelper.this.mTag, "encryptClientKey failed", new Object[0]);
                    UserKeyBundleHelper.this.mVaultTelemetryHelper.endScenarioOnFailure(scenarioContext, StatusCode.VaultStatusCode.SERVICE_CALL_FAILED, "encryptClientKey failed");
                    callResponse.onFailure(new ServerError("encryptClientKey failed"));
                }

                @Override // com.microsoft.teams.networkutils.CallResponse
                public void onSuccess(Pair<String, String> pair) {
                    UserKeyBundleHelper.this.mGraphQLExecutor.updateUser(pair.first, UserKeyBundleHelper.TIMESTAMP_PREFIX + pair.second, UserKeyBundleHelper.this.mETag, UserKeyBundleHelper.this.mRevision, UserKeyBundleHelper.this.mUpdateUserRecoveryCallback);
                }
            }, this.mClientKey);
        } else {
            this.mGraphQLExecutor.updateUser(null, null, this.mETag, this.mRevision, callback);
        }
    }
}
