package com.microsoft.mmx.agents.ypp.authclient.auth;

import androidx.annotation.NonNull;
import androidx.annotation.VisibleForTesting;
import androidx.annotation.WorkerThread;
import com.microsoft.appmanager.telemetry.TraceContext;
import com.microsoft.connecteddevices.AsyncOperation;
import com.microsoft.mmx.agents.di.AgentScope;
import com.microsoft.mmx.agents.ypp.authclient.auth.AuthPairingValidation;
import com.microsoft.mmx.agents.ypp.authclient.auth.VerifyNotificationResult;
import com.microsoft.mmx.agents.ypp.authclient.crypto.JwtHelper;
import com.microsoft.mmx.agents.ypp.authclient.trust.CryptoTrustRelationship;
import com.microsoft.mmx.agents.ypp.authclient.trust.ITrustManager;
import com.microsoft.mmx.agents.ypp.authclient.trust.TrustManager;
import com.microsoft.mmx.agents.ypp.pairingproxyclient.auth.PairingProxyCertificateValidator;
import com.microsoft.mmx.agents.ypp.sidechannel.protocol.v1.SideChannelWakeRequest;
import com.microsoft.mmx.agents.ypp.utils.AsyncOperationUtils;
import com.microsoft.mmx.agents.ypp.wake.CryptoSilentPairingWakeParams;
import com.microsoft.mmx.agents.ypp.wake.CryptoTrustWakeParams;
import com.microsoft.mmx.agents.ypp.wake.CryptoWakePayloadParser;
import com.microsoft.mmx.agents.ypp.wake.CryptoWakeRequestPayload;
import com.microsoft.mmx.agents.ypp.wake.DiagnosticWakeParams;
import com.microsoft.mmx.agents.ypp.wake.OpenConnectionWakeParams;
import com.microsoft.mmx.agents.ypp.wake.WakeParams;
import dagger.Lazy;
import java.security.cert.X509Certificate;
import java.util.Objects;
import javax.inject.Inject;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.joda.time.DateTime;

@AgentScope
/* loaded from: classes2.dex */
public class AuthPairingValidation implements IAuthPairingValidation {
    private final Lazy<IAuthManager> authManager;
    private final JwtHelper jwtHelper;
    private final AuthPairingValidationLog log;
    private final PairingProxyCertificateValidator pairingProxyCertificateValidator;

    @Inject
    public AuthPairingValidation(@NotNull Lazy<IAuthManager> lazy, @NotNull JwtHelper jwtHelper, @NotNull AuthPairingValidationLog authPairingValidationLog, @NotNull PairingProxyCertificateValidator pairingProxyCertificateValidator) {
        this.authManager = lazy;
        this.jwtHelper = jwtHelper;
        this.log = authPairingValidationLog;
        this.pairingProxyCertificateValidator = pairingProxyCertificateValidator;
    }

    /* JADX INFO: Access modifiers changed from: private */
    @Nullable
    /* renamed from: getTrustedPayloadInnerAsync, reason: merged with bridge method [inline-methods] */
    public CryptoWakeRequestPayload a(@NotNull String str, @NotNull String str2, @NotNull TraceContext traceContext, @NotNull ITrustManager iTrustManager) {
        String issFromJwt = this.jwtHelper.getIssFromJwt(str2, traceContext);
        if (issFromJwt == null || !iTrustManager.isCryptoClientTrusted(issFromJwt, traceContext)) {
            this.log.cryptoJwtUntrustedAnomaly(issFromJwt, traceContext);
        } else {
            CryptoTrustRelationship cryptoTrustRelationship = iTrustManager.getCryptoTrustRelationship(issFromJwt, traceContext);
            if (!str.equalsIgnoreCase(cryptoTrustRelationship.getAttributes().get(TrustManager.KEY_CRYPTO_ATTRIBUTES_PARTNER_DCG_CLIENT_ID))) {
                this.log.cryptoTrustDcgClientIdMismatchedAnomaly(issFromJwt, traceContext);
                return null;
            }
            X509Certificate partnerCert = cryptoTrustRelationship.getPartnerCert();
            if (partnerCert != null && cryptoTrustRelationship.getPartnerKeyExpirationTime() > DateTime.now().getMillis() && this.jwtHelper.verifyAndGetDataFromJwt(str2, partnerCert, traceContext) != null) {
                this.log.jwtVerifiedByPartnerCert(partnerCert, traceContext);
                return new CryptoWakePayloadParser(this.jwtHelper).fromJwt(str2, traceContext);
            }
            X509Certificate partnerTempCert = cryptoTrustRelationship.getPartnerTempCert();
            if (partnerTempCert != null && cryptoTrustRelationship.getPartnerTempKeyExpirationTime() > DateTime.now().getMillis() && this.jwtHelper.verifyAndGetDataFromJwt(str2, partnerTempCert, traceContext) != null) {
                this.log.jwtVerifiedByPartnerTempCert(partnerTempCert, traceContext);
                return new CryptoWakePayloadParser(this.jwtHelper).fromJwt(str2, traceContext);
            }
            this.log.cryptoJwtVerificationFailedAnomaly(issFromJwt, traceContext);
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    @WorkerThread
    @Nullable
    /* renamed from: getTrustedSilentPairingPayloadInnerAsync, reason: merged with bridge method [inline-methods] */
    public CryptoWakeRequestPayload b(@NotNull String str, @NotNull TraceContext traceContext) {
        if (this.pairingProxyCertificateValidator.validateAndGetDataWithStaticCertificate(str, traceContext) != null) {
            return new CryptoWakePayloadParser(this.jwtHelper).fromJwt(str, traceContext);
        }
        return null;
    }

    @Override // com.microsoft.mmx.agents.ypp.authclient.auth.IAuthPairingValidation
    public AsyncOperation<Void> disableCryptoTrustForDcgClientAsync(@NotNull final String str, @NotNull final TraceContext traceContext) {
        return this.authManager.get().getTrustManager(traceContext).thenApply(new AsyncOperation.ResultFunction() { // from class: a.c.c.a.q3.c.a.n
            @Override // com.microsoft.connecteddevices.AsyncOperation.ResultFunction
            public final Object apply(Object obj) {
                ((ITrustManager) obj).disableCryptoTrustRelationship(str, traceContext);
                return null;
            }
        });
    }

    @VisibleForTesting
    public AsyncOperation<CryptoWakeRequestPayload> getTrustedPayloadAsync(@NotNull final String str, @NotNull final String str2, @NotNull final TraceContext traceContext) {
        return this.authManager.get().getTrustManager(traceContext).thenApply(new AsyncOperation.ResultFunction() { // from class: a.c.c.a.q3.c.a.k
            @Override // com.microsoft.connecteddevices.AsyncOperation.ResultFunction
            public final Object apply(Object obj) {
                return AuthPairingValidation.this.a(str, str2, traceContext, (ITrustManager) obj);
            }
        });
    }

    public AsyncOperation<CryptoWakeRequestPayload> getTrustedSilentPairingPayloadAsync(@NonNull final String str, @NonNull final TraceContext traceContext) {
        return AsyncOperation.supplyAsync(new AsyncOperation.Supplier() { // from class: a.c.c.a.q3.c.a.l
            @Override // com.microsoft.connecteddevices.AsyncOperation.Supplier
            public final Object get() {
                return AuthPairingValidation.this.b(str, traceContext);
            }
        });
    }

    @Override // com.microsoft.mmx.agents.ypp.authclient.auth.IAuthPairingValidation
    public AsyncOperation<Boolean> isDeviceTrustedAsync(@NotNull final String str, @NotNull final TraceContext traceContext) {
        return this.authManager.get().getTrustManager(traceContext).thenApply(new AsyncOperation.ResultFunction() { // from class: a.c.c.a.q3.c.a.p
            @Override // com.microsoft.connecteddevices.AsyncOperation.ResultFunction
            public final Object apply(Object obj) {
                return Boolean.valueOf(((ITrustManager) obj).isDeviceTrusted(str, traceContext));
            }
        });
    }

    @Override // com.microsoft.mmx.agents.ypp.authclient.auth.IAuthPairingValidation
    public AsyncOperation<Boolean> isDeviceUsingCryptoTrustAsync(@NotNull final String str, final TraceContext traceContext) {
        return this.authManager.get().getTrustManager(traceContext).thenApply(new AsyncOperation.ResultFunction() { // from class: a.c.c.a.q3.c.a.m
            @Override // com.microsoft.connecteddevices.AsyncOperation.ResultFunction
            public final Object apply(Object obj) {
                return Boolean.valueOf(((ITrustManager) obj).getPartnerClientIdByDcgClientId(str, traceContext) != null);
            }
        });
    }

    @Override // com.microsoft.mmx.agents.ypp.authclient.auth.IAuthPairingValidation
    public AsyncOperation<Boolean> isSideChannelWakeRequestTrustedAsync(@NotNull SideChannelWakeRequest sideChannelWakeRequest, @NotNull TraceContext traceContext) {
        return getTrustedPayloadAsync(sideChannelWakeRequest.getSourceDcgDeviceId(), sideChannelWakeRequest.getSignedJwtPayload(), traceContext).thenApply(new AsyncOperation.ResultFunction() { // from class: a.c.c.a.q3.c.a.r
            @Override // com.microsoft.connecteddevices.AsyncOperation.ResultFunction
            public final Object apply(Object obj) {
                return Boolean.valueOf(Objects.nonNull((CryptoWakeRequestPayload) obj));
            }
        });
    }

    @Override // com.microsoft.mmx.agents.ypp.authclient.auth.IAuthPairingValidation
    public AsyncOperation<VerifyNotificationResult> verifyNotificationAsync(@NotNull final WakeParams wakeParams) {
        if (!wakeParams.getIsYppMessage()) {
            return AsyncOperationUtils.failedFuture(new IllegalStateException("Notification is not a YPP notification"));
        }
        if (wakeParams instanceof CryptoTrustWakeParams) {
            CryptoTrustWakeParams cryptoTrustWakeParams = (CryptoTrustWakeParams) wakeParams;
            return getTrustedPayloadAsync(cryptoTrustWakeParams.getSourceId(), cryptoTrustWakeParams.getCryptoJwt(), cryptoTrustWakeParams.getTraceContext()).thenApplyAsync(new AsyncOperation.ResultFunction() { // from class: a.c.c.a.q3.c.a.o
                @Override // com.microsoft.connecteddevices.AsyncOperation.ResultFunction
                public final Object apply(Object obj) {
                    AuthPairingValidation authPairingValidation = AuthPairingValidation.this;
                    WakeParams wakeParams2 = wakeParams;
                    CryptoWakeRequestPayload cryptoWakeRequestPayload = (CryptoWakeRequestPayload) obj;
                    Objects.requireNonNull(authPairingValidation);
                    boolean z = true;
                    boolean z2 = cryptoWakeRequestPayload != null;
                    VerifyNotificationResult.AuthenticationType authenticationType = z2 ? VerifyNotificationResult.AuthenticationType.CRYPTO : VerifyNotificationResult.AuthenticationType.TRUSTED_ID;
                    if (!z2) {
                        CryptoTrustWakeParams cryptoTrustWakeParams2 = (CryptoTrustWakeParams) wakeParams2;
                        if (!authPairingValidation.isDeviceTrustedAsync(cryptoTrustWakeParams2.getSourceId(), cryptoTrustWakeParams2.getTraceContext()).get().booleanValue()) {
                            z = false;
                        }
                    }
                    return new VerifyNotificationResult(z, authenticationType, cryptoWakeRequestPayload);
                }
            });
        }
        if (wakeParams instanceof CryptoSilentPairingWakeParams) {
            CryptoSilentPairingWakeParams cryptoSilentPairingWakeParams = (CryptoSilentPairingWakeParams) wakeParams;
            return getTrustedSilentPairingPayloadAsync(cryptoSilentPairingWakeParams.getCryptoJwt(), cryptoSilentPairingWakeParams.getTraceContext()).thenApply(new AsyncOperation.ResultFunction() { // from class: a.c.c.a.q3.c.a.i
                @Override // com.microsoft.connecteddevices.AsyncOperation.ResultFunction
                public final Object apply(Object obj) {
                    CryptoWakeRequestPayload cryptoWakeRequestPayload = (CryptoWakeRequestPayload) obj;
                    return new VerifyNotificationResult(cryptoWakeRequestPayload != null, VerifyNotificationResult.AuthenticationType.CRYPTO, cryptoWakeRequestPayload);
                }
            });
        }
        if (wakeParams instanceof OpenConnectionWakeParams) {
            OpenConnectionWakeParams openConnectionWakeParams = (OpenConnectionWakeParams) wakeParams;
            return isDeviceTrustedAsync(openConnectionWakeParams.getSourceId(), openConnectionWakeParams.getTraceContext()).thenApplyAsync(new AsyncOperation.ResultFunction() { // from class: a.c.c.a.q3.c.a.q
                @Override // com.microsoft.connecteddevices.AsyncOperation.ResultFunction
                public final Object apply(Object obj) {
                    return new VerifyNotificationResult(((Boolean) obj).booleanValue(), VerifyNotificationResult.AuthenticationType.TRUSTED_ID);
                }
            });
        }
        if (!(wakeParams instanceof DiagnosticWakeParams)) {
            return AsyncOperationUtils.failedFuture(new IllegalStateException("Unknown Payload type"));
        }
        DiagnosticWakeParams diagnosticWakeParams = (DiagnosticWakeParams) wakeParams;
        return isDeviceTrustedAsync(diagnosticWakeParams.getSourceId(), diagnosticWakeParams.getTraceContext()).thenApplyAsync(new AsyncOperation.ResultFunction() { // from class: a.c.c.a.q3.c.a.j
            @Override // com.microsoft.connecteddevices.AsyncOperation.ResultFunction
            public final Object apply(Object obj) {
                return new VerifyNotificationResult(((Boolean) obj).booleanValue(), VerifyNotificationResult.AuthenticationType.TRUSTED_ID);
            }
        });
    }
}
