package com.microsoft.skype.teams.services.authorization.intune;

import android.app.Activity;
import android.content.Context;
import android.util.Base64;
import bolts.Task;
import com.microsoft.intune.mam.client.MAMIdentitySwitchResult;
import com.microsoft.intune.mam.client.app.MAMComponents;
import com.microsoft.intune.mam.client.identity.MAMDataProtectionInfo;
import com.microsoft.intune.mam.client.identity.MAMDataProtectionManager;
import com.microsoft.intune.mam.client.identity.MAMFileProtectionInfo;
import com.microsoft.intune.mam.client.identity.MAMFileProtectionManager;
import com.microsoft.intune.mam.client.identity.MAMPolicyManager;
import com.microsoft.intune.mam.client.identity.MAMSetUIIdentityCallback;
import com.microsoft.intune.mam.client.notification.MAMNotificationReceiver;
import com.microsoft.intune.mam.client.notification.MAMNotificationReceiverRegistry;
import com.microsoft.intune.mam.client.strict.MAMStrictCheck;
import com.microsoft.intune.mam.client.strict.MAMStrictMode;
import com.microsoft.intune.mam.client.strict.MAMStrictViolationHandler;
import com.microsoft.intune.mam.log.MAMLogHandlerWrapper;
import com.microsoft.intune.mam.policy.AppPolicy;
import com.microsoft.intune.mam.policy.MAMCAComplianceStatus;
import com.microsoft.intune.mam.policy.MAMComplianceManager;
import com.microsoft.intune.mam.policy.MAMEnrollmentManager;
import com.microsoft.intune.mam.policy.MAMServiceAuthenticationCallback;
import com.microsoft.intune.mam.policy.MAMUserInfo;
import com.microsoft.intune.mam.policy.notification.MAMComplianceNotification;
import com.microsoft.intune.mam.policy.notification.MAMEnrollmentNotification;
import com.microsoft.intune.mam.policy.notification.MAMNotification;
import com.microsoft.intune.mam.policy.notification.MAMNotificationType;
import com.microsoft.intune.mam.policy.notification.MAMUserNotification;
import com.microsoft.skype.teams.app.AppStateProvider;
import com.microsoft.skype.teams.data.DataResponse;
import com.microsoft.skype.teams.data.IDataResponseCallback;
import com.microsoft.skype.teams.models.AuthenticatedUser;
import com.microsoft.skype.teams.models.auth.TeamsClientAcquireTokenParameters;
import com.microsoft.skype.teams.services.authorization.AuthorizationError;
import com.microsoft.skype.teams.services.authorization.IAccountManager;
import com.microsoft.skype.teams.services.authorization.IAuthenticationCallback;
import com.microsoft.skype.teams.services.authorization.IAuthenticationProviderFactory;
import com.microsoft.skype.teams.services.authorization.ITeamsAuthenticationResult;
import com.microsoft.skype.teams.services.authorization.ITeamsUserTokenManager;
import com.microsoft.skype.teams.services.authorization.SignInHintParams;
import com.microsoft.skype.teams.services.authorization.helpers.CoreAuthorizationUtilities;
import com.microsoft.skype.teams.services.diagnostics.IUserBITelemetryManager;
import com.microsoft.skype.teams.services.diagnostics.StatusCode;
import com.microsoft.skype.teams.services.diagnostics.telemetryschema.ScenarioContext;
import com.microsoft.skype.teams.services.diagnostics.telemetryschema.ScenarioName;
import com.microsoft.skype.teams.utilities.ISignOutHelper;
import com.microsoft.skype.teams.utilities.java.StandardCharsets;
import com.microsoft.skype.teams.utilities.java.StringUtils;
import com.microsoft.teams.androidutils.tasks.CancellationToken;
import com.microsoft.teams.androidutils.tasks.TaskUtilities;
import com.microsoft.teams.core.R$string;
import com.microsoft.teams.core.app.ITeamsApplication;
import com.microsoft.teams.core.models.GlobalPreferences;
import com.microsoft.teams.core.services.IScenarioManager;
import com.microsoft.teams.core.utilities.AppBuildConfigurationHelper;
import com.microsoft.teams.nativecore.logger.ILogger;
import com.microsoft.teams.nativecore.preferences.IPreferences;
import j$.util.concurrent.ConcurrentHashMap;
import java.io.File;
import java.io.IOException;

/* loaded from: classes11.dex */
public final class TeamsMamAccessController implements ITeamsMamAccessController, MAMSetUIIdentityCallback {
    private static final String TAG = "TeamsMamAccessController";
    private IAccountManager mAccountManager;
    private ConcurrentHashMap<String, String> mAcquireTokenResourceIdMap = new ConcurrentHashMap();
    private final Context mAppContext;
    private final MAMEnrollmentManager mMAMEnrollmentManager;
    private final IPreferences mPreferences;
    private ISignOutHelper mSignOutHelper;
    private final ITeamsApplication mTeamsApplication;
    private ITeamsUserTokenManager mTeamsUserTokenManager;
    private ITeamsUserTokenManager mTokenManager;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.microsoft.skype.teams.services.authorization.intune.TeamsMamAccessController$4, reason: invalid class name */
    /* loaded from: classes11.dex */
    public static /* synthetic */ class AnonymousClass4 {
        static final /* synthetic */ int[] $SwitchMap$com$microsoft$intune$mam$policy$MAMCAComplianceStatus;
        static final /* synthetic */ int[] $SwitchMap$com$microsoft$intune$mam$policy$MAMEnrollmentManager$Result;

        static {
            int[] iArr = new int[MAMCAComplianceStatus.values().length];
            $SwitchMap$com$microsoft$intune$mam$policy$MAMCAComplianceStatus = iArr;
            try {
                iArr[MAMCAComplianceStatus.COMPLIANT.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            int[] iArr2 = new int[MAMEnrollmentManager.Result.values().length];
            $SwitchMap$com$microsoft$intune$mam$policy$MAMEnrollmentManager$Result = iArr2;
            try {
                iArr2[MAMEnrollmentManager.Result.PENDING.ordinal()] = 1;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$com$microsoft$intune$mam$policy$MAMEnrollmentManager$Result[MAMEnrollmentManager.Result.NOT_LICENSED.ordinal()] = 2;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                $SwitchMap$com$microsoft$intune$mam$policy$MAMEnrollmentManager$Result[MAMEnrollmentManager.Result.UNENROLLMENT_FAILED.ordinal()] = 3;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                $SwitchMap$com$microsoft$intune$mam$policy$MAMEnrollmentManager$Result[MAMEnrollmentManager.Result.AUTHORIZATION_NEEDED.ordinal()] = 4;
            } catch (NoSuchFieldError unused5) {
            }
            try {
                $SwitchMap$com$microsoft$intune$mam$policy$MAMEnrollmentManager$Result[MAMEnrollmentManager.Result.COMPANY_PORTAL_REQUIRED.ordinal()] = 5;
            } catch (NoSuchFieldError unused6) {
            }
            try {
                $SwitchMap$com$microsoft$intune$mam$policy$MAMEnrollmentManager$Result[MAMEnrollmentManager.Result.ENROLLMENT_SUCCEEDED.ordinal()] = 6;
            } catch (NoSuchFieldError unused7) {
            }
            try {
                $SwitchMap$com$microsoft$intune$mam$policy$MAMEnrollmentManager$Result[MAMEnrollmentManager.Result.ENROLLMENT_FAILED.ordinal()] = 7;
            } catch (NoSuchFieldError unused8) {
            }
            try {
                $SwitchMap$com$microsoft$intune$mam$policy$MAMEnrollmentManager$Result[MAMEnrollmentManager.Result.WRONG_USER.ordinal()] = 8;
            } catch (NoSuchFieldError unused9) {
            }
            try {
                $SwitchMap$com$microsoft$intune$mam$policy$MAMEnrollmentManager$Result[MAMEnrollmentManager.Result.UNENROLLMENT_SUCCEEDED.ordinal()] = 9;
            } catch (NoSuchFieldError unused10) {
            }
        }
    }

    /* loaded from: classes11.dex */
    public @interface DeviceEnrollmentType {
        public static final String MAMORMDM = "MAMORMDM";
        public static final String NONE = "NONE";
        public static final String UNKNOWN = "UNKNOWN";
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes11.dex */
    public class MAMNotificationReceiverSignOutImpl implements MAMNotificationReceiver {
        private MAMNotificationReceiverSignOutImpl() {
        }

        @Override // com.microsoft.intune.mam.client.notification.MAMNotificationReceiver
        public boolean onReceive(MAMNotification mAMNotification) {
            TeamsMamAccessController.this.mTeamsApplication.getLogger(null).log(5, TeamsMamAccessController.TAG, String.format("Receive %s notification type", mAMNotification.getType().toString()), new Object[0]);
            if (!(mAMNotification instanceof MAMUserNotification)) {
                return true;
            }
            String userIdentity = ((MAMUserNotification) mAMNotification).getUserIdentity();
            if (!TeamsMamAccessController.this.mAccountManager.containUser(userIdentity) || TeamsMamAccessController.this.handleWipeUser(userIdentity)) {
                return TeamsMamAccessController.this.decryptDB();
            }
            return false;
        }
    }

    /* loaded from: classes11.dex */
    private final class MAMServiceAuthenticationCallbackImpl implements MAMServiceAuthenticationCallback {
        private MAMServiceAuthenticationCallbackImpl() {
        }

        @Override // com.microsoft.intune.mam.policy.MAMServiceAuthenticationCallback
        public String acquireToken(String str, String str2, String str3) {
            TeamsMamAccessController.this.mAcquireTokenResourceIdMap.put(str.toLowerCase(), str3);
            ILogger logger = TeamsMamAccessController.this.mTeamsApplication.getLogger(null);
            IScenarioManager scenarioManager = TeamsMamAccessController.this.mTeamsApplication.getScenarioManager(null);
            String sanitizedResource = TeamsMamAccessController.this.mTokenManager.getSanitizedResource(str3, false, false);
            logger.log(2, "MAMAcquireToken", String.format("remediateCompliance: MAM is acquiring token for resource [%s] [%s]", sanitizedResource, str2), new Object[0]);
            String tokenFromAuthorizationServiceFromAadId = TeamsMamAccessController.this.getTokenFromAuthorizationServiceFromAadId(sanitizedResource, str2, logger, scenarioManager);
            logger.log(5, "MAMAcquireToken", String.format("remediateCompliance: MAM is acquired token for resource %s isTokenEmpty:[%s]", sanitizedResource, Boolean.valueOf(StringUtils.isEmpty(tokenFromAuthorizationServiceFromAadId))), new Object[0]);
            return tokenFromAuthorizationServiceFromAadId;
        }
    }

    public TeamsMamAccessController(Context context, ITeamsApplication iTeamsApplication, IPreferences iPreferences) {
        this.mAppContext = context;
        this.mTeamsApplication = iTeamsApplication;
        this.mPreferences = iPreferences;
        ((MAMLogHandlerWrapper) MAMComponents.get(MAMLogHandlerWrapper.class)).setLogcatPII(false);
        this.mMAMEnrollmentManager = (MAMEnrollmentManager) MAMComponents.get(MAMEnrollmentManager.class);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: checkAndUpdateEncryptionStatus, reason: merged with bridge method [inline-methods] */
    public void lambda$initialize$1$TeamsMamAccessController(ILogger iLogger) {
        if (this.mTeamsApplication.getExperimentationManager(null).enableIntuneDataEncryption()) {
            String str = TAG;
            iLogger.log(3, str, "checkAndUpdateEncryptionStatus()", new Object[0]);
            if (this.mPreferences.getBooleanGlobalPref(GlobalPreferences.TEAMS_FILES_ENCRYPTION_PENDING, false)) {
                iLogger.log(3, str, "already have a pending, exit", new Object[0]);
                return;
            }
            String mAMPrimaryUser = getMAMPrimaryUser();
            if (mAMPrimaryUser != null && this.mAccountManager.containUser(mAMPrimaryUser)) {
                String fileIdentity = getFileIdentity(iLogger, getTeamsDatabaseFullPath());
                this.mTeamsApplication.getUserBITelemetryManager(null).logDataEncryptionStatus(fileIdentity != null);
                if (StringUtils.equals(mAMPrimaryUser, fileIdentity)) {
                    iLogger.log(3, str, "same identity, skip", new Object[0]);
                    return;
                }
                iLogger.log(6, str, "mismatch between primaryUser and fileIdentity", new Object[0]);
                this.mPreferences.putBooleanGlobalPref(GlobalPreferences.TEAMS_FILES_ENCRYPTION_PENDING, true);
                this.mAccountManager.encryptData();
                this.mTeamsUserTokenManager.refreshSave();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean decryptDB() {
        IScenarioManager scenarioManager = this.mTeamsApplication.getScenarioManager(null);
        ScenarioContext startScenario = scenarioManager.startScenario(ScenarioName.INTUNE_DATABASE_DECRYPTION, "decryptDB");
        this.mPreferences.putBooleanGlobalPref(GlobalPreferences.TEAMS_FILES_DECRYPTION_FAILURE, true);
        boolean encryptOrDecryptDB = encryptOrDecryptDB(scenarioManager, startScenario, null);
        if (encryptOrDecryptDB) {
            this.mPreferences.putBooleanGlobalPref(GlobalPreferences.TEAMS_FILES_DECRYPTION_FAILURE, false);
        }
        return encryptOrDecryptDB;
    }

    private boolean encryptOrDecryptDB(IScenarioManager iScenarioManager, ScenarioContext scenarioContext, String str) {
        IUserBITelemetryManager userBITelemetryManager = this.mTeamsApplication.getUserBITelemetryManager(null);
        ILogger logger = this.mTeamsApplication.getLogger(null);
        File file = new File(getTeamsDatabaseFullPath());
        if (str == null) {
            str = "";
        }
        try {
            MAMFileProtectionManager.protect(file, str);
            iScenarioManager.endScenarioOnSuccess(scenarioContext, "encryptOrDecryptDB successful");
            return true;
        } catch (IOException e) {
            logger.log(7, TAG, e, "File exist:" + file.exists(), new Object[0]);
            userBITelemetryManager.logMAMLibFailure(e);
            iScenarioManager.endScenarioOnError(scenarioContext, StatusCode.INTUNE_ENCRYPTION_DECRYPTION_FAIL, "MAM lib throw exception:" + getTeamsDatabaseFullPath(), new String[0]);
            return false;
        }
    }

    private String getDeviceEnrollmentType(String str, ILogger iLogger) {
        String str2 = str != null && str.contains("policyTemplateVersion") && !str.contains("policyTemplateVersion = null") ? DeviceEnrollmentType.MAMORMDM : "NONE";
        iLogger.log(2, TAG, "deviceEnrollmentType: [%s] [%s]", str2, str);
        return str2;
    }

    private String getFileIdentity(ILogger iLogger, String str) {
        File file = new File(str);
        if (file.exists()) {
            try {
                MAMFileProtectionInfo protectionInfo = MAMFileProtectionManager.getProtectionInfo(file);
                if (protectionInfo == null || !StringUtils.isNotEmpty(protectionInfo.getIdentity())) {
                    return null;
                }
                return protectionInfo.getIdentity();
            } catch (IOException e) {
                iLogger.log(7, TAG, e);
                this.mTeamsApplication.getUserBITelemetryManager(null).logMAMLibFailure(e);
            }
        }
        return null;
    }

    private String getMAMPolicy() {
        AppPolicy policy = MAMPolicyManager.getPolicy();
        ILogger logger = this.mTeamsApplication.getLogger(null);
        String appPolicy = policy.toString();
        logger.log(2, TAG, "Getting MAM policy " + appPolicy, new Object[0]);
        return appPolicy;
    }

    private String getMAMPolicy(Context context) {
        AppPolicy policy = MAMPolicyManager.getPolicy(context);
        ILogger logger = this.mTeamsApplication.getLogger(null);
        String appPolicy = policy.toString();
        logger.log(2, TAG, "Getting MAM policy for context" + appPolicy, new Object[0]);
        return appPolicy;
    }

    private String getPrintablePrimaryUser() {
        String mAMPrimaryUser = getMAMPrimaryUser();
        return mAMPrimaryUser != null ? mAMPrimaryUser : ITeamsMamAccessController.MAM_STRING_NULL;
    }

    private String getTeamsDatabaseFullPath() {
        return this.mTeamsApplication.getApplicationContext().getDatabasePath("SkypeTeams.db").getAbsolutePath();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String getTokenFromAuthorizationServiceFromAadId(String str, String str2, ILogger iLogger, IScenarioManager iScenarioManager) {
        iLogger.log(2, TAG, String.format("getTokenFromAuthorizationServiceFromAadId [%s]", str), new Object[0]);
        try {
            return this.mTokenManager.getResourceToken(new TeamsClientAcquireTokenParameters.Builder(str, str2).build(), null).accessToken;
        } catch (AuthorizationError e) {
            iLogger.log(7, TAG, "getTokenFromAuthorizationServiceFromAadId:cannot acquire token. %s", e.getMessage());
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void handleComplianceNotification(MAMComplianceNotification mAMComplianceNotification, ScenarioContext scenarioContext, IDataResponseCallback<String> iDataResponseCallback) {
        ILogger logger = this.mTeamsApplication.getLogger(null);
        String str = TAG;
        logger.log(5, str, String.format("remediateCompliance.onReceive. notificationType [%s] complianceStatus:[%s]", mAMComplianceNotification.getType().toString(), mAMComplianceNotification.getComplianceStatus()), new Object[0]);
        IScenarioManager scenarioManager = this.mTeamsApplication.getScenarioManager(null);
        if (AnonymousClass4.$SwitchMap$com$microsoft$intune$mam$policy$MAMCAComplianceStatus[mAMComplianceNotification.getComplianceStatus().ordinal()] == 1) {
            scenarioManager.endScenarioOnSuccess(scenarioContext, new String[0]);
            iDataResponseCallback.onComplete(DataResponse.createSuccessResponse("success"));
        } else {
            logger.log(5, str, String.format("remediateCompliance:onReceive failed [%s] [%s] [%s]", mAMComplianceNotification.getComplianceStatus(), mAMComplianceNotification.getComplianceErrorTitle(), mAMComplianceNotification.getComplianceErrorMessage()), new Object[0]);
            scenarioManager.endScenarioOnError(scenarioContext, StatusCode.INTUNE_REMEDIATE_COMPLIANCE_POLICY_FAILURE, mAMComplianceNotification.getComplianceErrorMessage(), new String[0]);
            iDataResponseCallback.onComplete(DataResponse.createErrorResponse(new AuthorizationError(mAMComplianceNotification.getComplianceErrorTitle(), mAMComplianceNotification.getComplianceErrorMessage())));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void handleEnrollmentNotification(Context context, MAMEnrollmentManager.Result result, final String str, final ILogger iLogger, final IScenarioManager iScenarioManager, IAuthenticationProviderFactory iAuthenticationProviderFactory) {
        String str2 = TAG;
        iLogger.log(3, str2, "Got MAM Enrollment Result: " + result, new Object[0]);
        final ScenarioContext startScenario = iScenarioManager.startScenario(ScenarioName.HANDLE_ENROLLMENT_NOTIFICATION, new String[0]);
        iScenarioManager.addKeyValueTags(startScenario, "result", result.toString());
        switch (AnonymousClass4.$SwitchMap$com$microsoft$intune$mam$policy$MAMEnrollmentManager$Result[result.ordinal()]) {
            case 1:
            case 2:
            case 3:
                iScenarioManager.endScenarioOnSuccess(startScenario, new String[0]);
                return;
            case 4:
                final String str3 = (String) this.mAcquireTokenResourceIdMap.get(str);
                if (StringUtils.isEmptyOrWhiteSpace(str) || StringUtils.isEmptyOrWhiteSpace(str3)) {
                    iLogger.log(6, str2, "Cannot update MAM token as acquireToken has not been called yet.", new Object[0]);
                    iScenarioManager.endScenarioOnCancel(startScenario, StatusCode.OPERATION_CANCELLED, "Cannot update MAM token as acquireToken has not been called yet.", new String[0]);
                    return;
                }
                if (AppStateProvider.getCurrentActivity() == null) {
                    iLogger.log(6, str2, "AUTHORIZATION_NEEDED: Activity is null. Cannot proceed", new Object[0]);
                    iScenarioManager.endScenarioOnCancel(startScenario, StatusCode.NO_ACTIVITY_TO_USE, "AUTHORIZATION_NEEDED: Activity is null. Cannot proceed", new String[0]);
                    return;
                }
                String sanitizedResource = this.mTokenManager.getSanitizedResource(str3, false, false);
                iLogger.log(2, str2, String.format("getTokenFromAuthorizationServiceFromUpn [%s]", sanitizedResource), new Object[0]);
                try {
                    iAuthenticationProviderFactory.getAuthProvider(context, iLogger, false).acquireToken(str, sanitizedResource, AppStateProvider.getCurrentActivity(), null, false, null, CoreAuthorizationUtilities.getAuthUrl(new SignInHintParams.Builder(false).build()), null, new IAuthenticationCallback() { // from class: com.microsoft.skype.teams.services.authorization.intune.TeamsMamAccessController.3
                        @Override // com.microsoft.skype.teams.services.authorization.IAuthenticationCallback
                        public void onCancel() {
                            iLogger.log(7, TeamsMamAccessController.TAG, "AUTHORIZATION_NEEDED:gettoken operation cancelled", new Object[0]);
                            iScenarioManager.endScenarioOnCancel(startScenario, StatusCode.OPERATION_CANCELLED, "AUTHORIZATION_NEEDED:gettoken operation cancelled", new String[0]);
                        }

                        @Override // com.microsoft.skype.teams.services.authorization.IAuthenticationCallback
                        public void onError(AuthorizationError authorizationError) {
                            iLogger.log(7, TeamsMamAccessController.TAG, authorizationError.getMessage() != null ? authorizationError.getMessage() : "AUTHORIZATION_NEEDED:gettoken encountered exception", "AUTHORIZATION_NEEDED:gettoken encountered exception");
                            iScenarioManager.endScenarioOnError(startScenario, authorizationError, new String[0]);
                        }

                        @Override // com.microsoft.skype.teams.services.authorization.IAuthenticationCallback
                        public void onSuccess(ITeamsAuthenticationResult iTeamsAuthenticationResult) {
                            iLogger.log(5, TeamsMamAccessController.TAG, "getTokenFromAuthorizationServiceFromUpn:onSuccess", new Object[0]);
                            iScenarioManager.endScenarioOnSuccess(startScenario, new String[0]);
                            TeamsMamAccessController.this.mMAMEnrollmentManager.updateToken(str, iTeamsAuthenticationResult.getIdentifier(), str3, iTeamsAuthenticationResult.getAccessToken());
                        }
                    });
                    return;
                } catch (AuthorizationError e) {
                    iLogger.log(7, TAG, "getTokenFromAuthorizationServiceFromUpn:onError %s", e.getMessage());
                    iScenarioManager.endScenarioOnError(startScenario, e, new String[0]);
                    return;
                }
            case 5:
                this.mPreferences.putBooleanGlobalPref(GlobalPreferences.MAM_REENROLLMENT_KEY, true);
                iScenarioManager.endScenarioOnSuccess(startScenario, new String[0]);
                return;
            case 6:
                if (this.mPreferences.getBooleanGlobalPref(GlobalPreferences.MAM_REENROLLMENT_KEY, false)) {
                    this.mPreferences.putBooleanGlobalPref(GlobalPreferences.MAM_REENROLLMENT_KEY, false);
                }
                iScenarioManager.endScenarioOnSuccess(startScenario, new String[0]);
                lambda$initialize$1(iLogger);
                iLogger.log(2, str2, "Enrollment succeeded for primary identity", new Object[0]);
                return;
            case 7:
                iLogger.log(6, str2, StatusCode.ENROLLMENT_FAILED, new Object[0]);
                iScenarioManager.endScenarioOnError(startScenario, StatusCode.ENROLLMENT_FAILED, "enrollment failed", new String[0]);
                this.mSignOutHelper.signOut(context, R$string.sign_out_progress_text, null);
                return;
            case 8:
                iLogger.log(6, str2, "WRONG_USER", new Object[0]);
                iScenarioManager.endScenarioOnError(startScenario, StatusCode.WRONG_ACCOUNT_TYPE, "wrong user", new String[0]);
                return;
            case 9:
                if (this.mPreferences.getBooleanGlobalPref(GlobalPreferences.MAM_REENROLLMENT_KEY, false)) {
                    this.mPreferences.putBooleanGlobalPref(GlobalPreferences.MAM_REENROLLMENT_KEY, false);
                }
                iScenarioManager.endScenarioOnSuccess(startScenario, new String[0]);
                iLogger.log(2, str2, "UNENROLLMENT_SUCCEEDED", new Object[0]);
                return;
            default:
                iScenarioManager.endScenarioOnSuccess(startScenario, new String[0]);
                return;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean handleWipeUser(String str) {
        ILogger logger = this.mTeamsApplication.getLogger(null);
        Activity currentActivity = AppStateProvider.getCurrentActivity();
        String str2 = TAG;
        logger.log(5, str2, "Before doing wiping user", new Object[0]);
        Task<Boolean> signOut = currentActivity != null ? this.mSignOutHelper.signOut((Context) currentActivity, R$string.sign_out_progress_text, str, (Runnable) null, true) : this.mSignOutHelper.signOut(this.mTeamsApplication.getApplicationContext(), R$string.sign_out_progress_text, str, (Runnable) null, false);
        try {
            signOut.waitForCompletion();
            if (signOut.isCompleted() && !signOut.isFaulted() && signOut.getResult().booleanValue()) {
                logger.log(5, str2, "Wiping user: Successful", new Object[0]);
                return true;
            }
            logger.log(5, str2, "Wiping user: Failure", new Object[0]);
            return false;
        } catch (InterruptedException e) {
            logger.log(5, TAG, "Wiping user: exception" + e, new Object[0]);
            return false;
        }
    }

    private boolean isStringEncrypted(String str) {
        try {
            MAMDataProtectionInfo protectionInfo = MAMDataProtectionManager.getProtectionInfo(Base64.decode(str, 0));
            if (protectionInfo != null) {
                return protectionInfo.getIdentity() != null;
            }
            return false;
        } catch (IOException | IllegalArgumentException unused) {
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: lambda$registerMAMNotificationReceivers$3, reason: merged with bridge method [inline-methods] */
    public /* synthetic */ boolean lambda$registerMAMNotificationReceivers$3$TeamsMamAccessController(ILogger iLogger, MAMNotification mAMNotification) {
        iLogger.log(3, TAG, String.format("Receive %s notification type", mAMNotification.getType().toString()), new Object[0]);
        lambda$initialize$1(iLogger);
        return true;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: lambda$registerMAMNotificationReceivers$4, reason: merged with bridge method [inline-methods] */
    public /* synthetic */ boolean lambda$registerMAMNotificationReceivers$4$TeamsMamAccessController(ILogger iLogger, MAMNotification mAMNotification) {
        iLogger.log(3, TAG, String.format("Receive %s notification type", mAMNotification.getType().toString()), new Object[0]);
        this.mAccountManager.decryptData();
        return decryptDB();
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: lambda$setUIPolicyIdentity$2, reason: merged with bridge method [inline-methods] */
    public /* synthetic */ void lambda$setUIPolicyIdentity$2$TeamsMamAccessController(Context context, String str) {
        MAMPolicyManager.setUIPolicyIdentity(context, str, this);
    }

    private void registerMAMNotificationReceivers(final IAuthenticationProviderFactory iAuthenticationProviderFactory) {
        final ILogger logger = this.mTeamsApplication.getLogger(null);
        final IScenarioManager scenarioManager = this.mTeamsApplication.getScenarioManager(null);
        String str = TAG;
        logger.log(3, str, "Register mam notification receivers", new Object[0]);
        ((MAMNotificationReceiverRegistry) MAMComponents.get(MAMNotificationReceiverRegistry.class)).registerReceiver(new MAMNotificationReceiver() { // from class: com.microsoft.skype.teams.services.authorization.intune.-$$Lambda$TeamsMamAccessController$FE8qKcyabInE4HeJPn07m1HNfuc
            @Override // com.microsoft.intune.mam.client.notification.MAMNotificationReceiver
            public final boolean onReceive(MAMNotification mAMNotification) {
                return TeamsMamAccessController.this.lambda$registerMAMNotificationReceivers$3$TeamsMamAccessController(logger, mAMNotification);
            }
        }, MAMNotificationType.REFRESH_POLICY);
        ((MAMNotificationReceiverRegistry) MAMComponents.get(MAMNotificationReceiverRegistry.class)).registerReceiver(new MAMNotificationReceiver() { // from class: com.microsoft.skype.teams.services.authorization.intune.-$$Lambda$TeamsMamAccessController$f2-4ccA13vCXNHqA9es6hscY96M
            @Override // com.microsoft.intune.mam.client.notification.MAMNotificationReceiver
            public final boolean onReceive(MAMNotification mAMNotification) {
                return TeamsMamAccessController.this.lambda$registerMAMNotificationReceivers$4$TeamsMamAccessController(logger, mAMNotification);
            }
        }, MAMNotificationType.MANAGEMENT_REMOVED);
        ((MAMNotificationReceiverRegistry) MAMComponents.get(MAMNotificationReceiverRegistry.class)).registerReceiver(new MAMNotificationReceiverSignOutImpl(), MAMNotificationType.WIPE_USER_DATA);
        ((MAMNotificationReceiverRegistry) MAMComponents.get(MAMNotificationReceiverRegistry.class)).registerReceiver(new MAMNotificationReceiver() { // from class: com.microsoft.skype.teams.services.authorization.intune.TeamsMamAccessController.2
            @Override // com.microsoft.intune.mam.client.notification.MAMNotificationReceiver
            public boolean onReceive(MAMNotification mAMNotification) {
                MAMEnrollmentNotification mAMEnrollmentNotification = (MAMEnrollmentNotification) mAMNotification;
                logger.log(2, TeamsMamAccessController.TAG, String.format("Receive notification type %s", mAMEnrollmentNotification.getType().toString()), new Object[0]);
                TeamsMamAccessController teamsMamAccessController = TeamsMamAccessController.this;
                teamsMamAccessController.handleEnrollmentNotification(teamsMamAccessController.mAppContext, mAMEnrollmentNotification.getEnrollmentResult(), mAMEnrollmentNotification.getUserIdentity(), logger, scenarioManager, iAuthenticationProviderFactory);
                return true;
            }
        }, MAMNotificationType.MAM_ENROLLMENT_RESULT);
        logger.log(3, str, "Successfully registerReceiver REFRESH_POLICY, WIPE_USER_DATA and MAM_ENROLLMENT_RESULT.", new Object[0]);
    }

    @Override // com.microsoft.skype.teams.services.authorization.intune.ITeamsMamAccessController, com.microsoft.teams.nativecore.intune.IDataEncryption
    public String decrypt(String str) {
        if (StringUtils.isEmpty(str) || !isStringEncrypted(str)) {
            return str;
        }
        try {
            return new String(MAMDataProtectionManager.unprotect(Base64.decode(str, 0)), StandardCharsets.UTF_8);
        } catch (IOException e) {
            this.mTeamsApplication.getUserBITelemetryManager(null).logMAMLibFailure(e);
            return str;
        }
    }

    @Override // com.microsoft.skype.teams.services.authorization.intune.ITeamsMamAccessController, com.microsoft.teams.nativecore.intune.IDataEncryption
    public String encrypt(String str) {
        String mAMPrimaryUser;
        if (this.mTeamsApplication.getExperimentationManager(null).enableIntuneDataEncryption() && (mAMPrimaryUser = getMAMPrimaryUser()) != null && this.mAccountManager.containUser(mAMPrimaryUser)) {
            try {
                return Base64.encodeToString(MAMDataProtectionManager.protect(str.getBytes(StandardCharsets.UTF_8), mAMPrimaryUser), 0);
            } catch (IOException e) {
                this.mTeamsApplication.getUserBITelemetryManager(null).logMAMLibFailure(e);
            }
        }
        return str;
    }

    @Override // com.microsoft.skype.teams.services.authorization.intune.ITeamsMamAccessController
    public boolean encryptTeamsDatabase() {
        if (!this.mTeamsApplication.getExperimentationManager(null).enableIntuneDataEncryption()) {
            return true;
        }
        IScenarioManager scenarioManager = this.mTeamsApplication.getScenarioManager(null);
        return encryptOrDecryptDB(scenarioManager, scenarioManager.startScenario(ScenarioName.INTUNE_DATABASE_ENCRYPTION, "encryptTeamsDatabase"), getMAMPrimaryUser());
    }

    @Override // com.microsoft.skype.teams.services.authorization.intune.ITeamsMamAccessController
    public void enrollMAM(AuthenticatedUser authenticatedUser, ScenarioContext scenarioContext) {
        ILogger logger = this.mTeamsApplication.getLogger(null);
        IScenarioManager scenarioManager = this.mTeamsApplication.getScenarioManager(null);
        ScenarioContext startScenario = scenarioManager.startScenario(ScenarioName.ENROLL_MAM, scenarioContext, new String[0]);
        String userPrincipalName = authenticatedUser.getUserPrincipalName();
        String authUrl = authenticatedUser.getAuthUrl();
        String str = TAG;
        logger.log(2, str, String.format("current primary user %s, authenticatedUser.authUrl: [%s]", getPrintablePrimaryUser(), authUrl), new Object[0]);
        this.mMAMEnrollmentManager.registerAccountForMAM(userPrincipalName, authenticatedUser.getUserObjectId(), authenticatedUser.getTenantId(), authUrl);
        scenarioManager.endScenarioOnSuccess(startScenario, "authenticatedUser.authUrl != null");
        logger.log(5, str, "Enrollment started with status " + this.mMAMEnrollmentManager.getRegisteredAccountStatus(userPrincipalName), new Object[0]);
    }

    @Override // com.microsoft.skype.teams.services.authorization.intune.ITeamsMamAccessController
    public String getDeviceEnrollmentType() {
        return getDeviceEnrollmentType(getMAMPolicy(), this.mTeamsApplication.getLogger(null));
    }

    @Override // com.microsoft.skype.teams.services.authorization.intune.ITeamsMamAccessController
    public String getDeviceEnrollmentType(Context context) {
        return getDeviceEnrollmentType(getMAMPolicy(context), this.mTeamsApplication.getLogger(null));
    }

    @Override // com.microsoft.skype.teams.services.authorization.intune.ITeamsMamAccessController
    public String getMAMPrimaryUser() {
        MAMUserInfo mAMUserInfo = (MAMUserInfo) MAMComponents.get(MAMUserInfo.class);
        if (mAMUserInfo != null) {
            return mAMUserInfo.getPrimaryUser();
        }
        return null;
    }

    @Override // com.microsoft.skype.teams.services.authorization.intune.ITeamsMamAccessController
    public void initialize(ITeamsUserTokenManager iTeamsUserTokenManager, ISignOutHelper iSignOutHelper, IAccountManager iAccountManager, ITeamsUserTokenManager iTeamsUserTokenManager2, IAuthenticationProviderFactory iAuthenticationProviderFactory) {
        final ILogger logger = this.mTeamsApplication.getLogger(null);
        logger.log(3, TAG, "Initializing TeamsMamAccessController", new Object[0]);
        this.mTokenManager = iTeamsUserTokenManager;
        this.mSignOutHelper = iSignOutHelper;
        this.mAccountManager = iAccountManager;
        this.mMAMEnrollmentManager.registerAuthenticationCallback(new MAMServiceAuthenticationCallbackImpl());
        this.mTeamsUserTokenManager = iTeamsUserTokenManager2;
        registerMAMNotificationReceivers(iAuthenticationProviderFactory);
        if (AppBuildConfigurationHelper.isDebugOrDevBuild()) {
            MAMStrictMode.enable();
            MAMStrictMode.global().setHandler(new MAMStrictViolationHandler() { // from class: com.microsoft.skype.teams.services.authorization.intune.-$$Lambda$TeamsMamAccessController$lzLzz1bwtm69rd5teeGFa-qYU34
                @Override // com.microsoft.intune.mam.client.strict.MAMStrictViolationHandler
                public final void checkFailed(MAMStrictCheck mAMStrictCheck, String str, Error error) {
                    ILogger.this.log(6, TeamsMamAccessController.TAG, error, "check=%s, detail=%s", mAMStrictCheck.name(), str);
                }
            });
        }
        TaskUtilities.runOnBackgroundThreadWithDelay(new Runnable() { // from class: com.microsoft.skype.teams.services.authorization.intune.-$$Lambda$TeamsMamAccessController$Z5C4MO5wduz_38c9kx8toLmZauI
            @Override // java.lang.Runnable
            public final void run() {
                TeamsMamAccessController.this.lambda$initialize$1$TeamsMamAccessController(logger);
            }
        }, CancellationToken.NONE, 5000L);
    }

    @Override // com.microsoft.intune.mam.client.identity.MAMSetUIIdentityCallback
    public void notifyIdentityResult(MAMIdentitySwitchResult mAMIdentitySwitchResult) {
        this.mTeamsApplication.getLogger(null).log(2, TAG, String.format("Notify identity switch result : %s, current primary user", mAMIdentitySwitchResult), new Object[0]);
    }

    @Override // com.microsoft.skype.teams.services.authorization.intune.ITeamsMamAccessController
    public void remediateCompliance(String str, String str2, String str3, String str4, boolean z, ScenarioContext scenarioContext, final IDataResponseCallback<String> iDataResponseCallback) {
        ILogger logger = this.mTeamsApplication.getLogger(null);
        IScenarioManager scenarioManager = this.mTeamsApplication.getScenarioManager(null);
        final ScenarioContext startScenario = scenarioManager.startScenario(ScenarioName.INTUNE_REMEDIATE_COMPLIANCE_POLICY, scenarioContext, new String[0]);
        try {
            ((MAMComplianceManager) MAMComponents.get(MAMComplianceManager.class)).remediateCompliance(str, str2, str3, str4, z);
            logger.log(5, TAG, "remediateCompliance", new Object[0]);
            ((MAMNotificationReceiverRegistry) MAMComponents.get(MAMNotificationReceiverRegistry.class)).registerReceiver(new MAMNotificationReceiver() { // from class: com.microsoft.skype.teams.services.authorization.intune.TeamsMamAccessController.1
                @Override // com.microsoft.intune.mam.client.notification.MAMNotificationReceiver
                public boolean onReceive(MAMNotification mAMNotification) {
                    TeamsMamAccessController.this.handleComplianceNotification((MAMComplianceNotification) mAMNotification, startScenario, iDataResponseCallback);
                    ((MAMNotificationReceiverRegistry) MAMComponents.get(MAMNotificationReceiverRegistry.class)).unregisterReceiver(this, MAMNotificationType.COMPLIANCE_STATUS);
                    return true;
                }
            }, MAMNotificationType.COMPLIANCE_STATUS);
        } catch (IllegalArgumentException e) {
            AuthorizationError authorizationError = new AuthorizationError("UNKNOWN", e);
            logger.log(7, TAG, "remediateCompliance: %s", authorizationError.getMessage());
            scenarioManager.endScenarioOnError(startScenario, authorizationError, new String[0]);
            iDataResponseCallback.onComplete(DataResponse.createErrorResponse(authorizationError));
        }
    }

    @Override // com.microsoft.skype.teams.services.authorization.intune.ITeamsMamAccessController
    public void setUIPolicyIdentity(final Context context, final String str) {
        ILogger logger = this.mTeamsApplication.getLogger(null);
        if (str == null) {
            logger.log(2, TAG, String.format("Clear UI Policy Identity for Context %s", context.toString()), new Object[0]);
        } else {
            logger.log(2, TAG, String.format("Set UI Policy Identity for Context %s", context.toString()), new Object[0]);
        }
        TaskUtilities.runOnBackgroundThread(new Runnable() { // from class: com.microsoft.skype.teams.services.authorization.intune.-$$Lambda$TeamsMamAccessController$nAmdvIb0djvzTBeNGYWeOqc5eU8
            @Override // java.lang.Runnable
            public final void run() {
                TeamsMamAccessController.this.lambda$setUIPolicyIdentity$2$TeamsMamAccessController(context, str);
            }
        });
    }

    @Override // com.microsoft.skype.teams.services.authorization.intune.ITeamsMamAccessController
    public void unEnrollMam(String str) {
        ILogger logger = this.mTeamsApplication.getLogger(null);
        IScenarioManager scenarioManager = this.mTeamsApplication.getScenarioManager(null);
        ScenarioContext startScenario = scenarioManager.startScenario(ScenarioName.UNENROLL_MAM, new String[0]);
        String str2 = TAG;
        logger.log(2, str2, "Unenrolling current primary user", new Object[0]);
        if (this.mMAMEnrollmentManager.getRegisteredAccountStatus(str) != null) {
            this.mMAMEnrollmentManager.unregisterAccountForMAM(str);
        }
        scenarioManager.endScenarioOnSuccess(startScenario, "authenticatedUser.authUrl == null");
        logger.log(3, str2, "Unenrollment started with status " + this.mMAMEnrollmentManager.getRegisteredAccountStatus(str), new Object[0]);
    }
}
