package org.mozilla.gecko;

import android.content.Context;
import android.credentials.CreateCredentialException;
import android.credentials.CreateCredentialRequest;
import android.credentials.CreateCredentialResponse;
import android.credentials.CredentialManager;
import android.credentials.CredentialOption;
import android.credentials.GetCredentialException;
import android.credentials.GetCredentialRequest;
import android.credentials.GetCredentialResponse;
import android.credentials.PrepareGetCredentialResponse;
import android.os.Build;
import android.os.Bundle;
import android.os.CancellationSignal;
import android.os.OutcomeReceiver;
import android.util.Base64;
import android.util.Log;
import androidx.credentials.exceptions.CreateCredentialCancellationException;
import androidx.credentials.exceptions.CreateCredentialNoCreateOptionException;
import androidx.credentials.exceptions.GetCredentialCancellationException;
import org.json.JSONException;
import org.mozilla.gecko.util.GeckoBundle;
import org.mozilla.gecko.util.WebAuthnUtils;
import org.mozilla.geckoview.GeckoResult;
import org.mozilla.thirdparty.com.google.android.exoplayer2.decoder.Owa.iTcSusEXK;

/* loaded from: classes5.dex */
public class WebAuthnCredentialManager {
    private static final String BUNDLE_KEY_AUTHENTICATION_RESPONSE_JSON = "androidx.credentials.BUNDLE_KEY_AUTHENTICATION_RESPONSE_JSON";
    private static final String BUNDLE_KEY_CLIENT_DATA_HASH = "androidx.credentials.BUNDLE_KEY_CLIENT_DATA_HASH";
    private static final String BUNDLE_KEY_IS_AUTO_SELECT_ALLOWED = "androidx.credentials.BUNDLE_KEY_IS_AUTO_SELECT_ALLOWED";
    private static final String BUNDLE_KEY_PREFER_IMMEDIATELY_AVAILABLE_CREDENTIALS = "androidx.credentials.BUNDLE_KEY_PREFER_IMMEDIATELY_AVAILABLE_CREDENTIALS";
    private static final String BUNDLE_KEY_REGISTRATION_RESPONSE_JSON = "androidx.credentials.BUNDLE_KEY_REGISTRATION_RESPONSE_JSON";
    private static final String BUNDLE_KEY_REQUEST_DISPLAY_INFO = "androidx.credentials.BUNDLE_KEY_REQUEST_DISPLAY_INFO";
    private static final String BUNDLE_KEY_REQUEST_JSON = "androidx.credentials.BUNDLE_KEY_REQUEST_JSON";
    private static final String BUNDLE_KEY_SUBTYPE = "androidx.credentials.BUNDLE_KEY_SUBTYPE";
    private static final String BUNDLE_KEY_USER_DISPLAY_NAME = "androidx.credentials.BUNDLE_KEY_USER_DISPLAY_NAME";
    private static final String BUNDLE_KEY_USER_ID = "androidx.credentials.BUNDLE_KEY_USER_ID";
    private static final String BUNDLE_VALUE_SUBTYPE_CREATE_PUBLIC_KEY_CREDENTIAL_REQUEST = "androidx.credentials.BUNDLE_VALUE_SUBTYPE_CREATE_PUBLIC_KEY_CREDENTIAL_REQUEST";
    private static final String BUNDLE_VALUE_SUBTYPE_GET_PUBLIC_KEY_CREDENTIAL_OPTION = "androidx.credentials.BUNDLE_VALUE_SUBTYPE_GET_PUBLIC_KEY_CREDENTIAL_OPTION";
    private static final String CM_PREFIX = "androidx.credentials.";
    private static final boolean DEBUG = false;
    private static final String LOGTAG = "WebAuthnCredMan";
    private static final String TYPE_PUBLIC_KEY_CREDENTIAL = "androidx.credentials.TYPE_PUBLIC_KEY_CREDENTIAL";

    public static GeckoResult<WebAuthnUtils.GetAssertionResponse> getAssertion(PrepareGetCredentialResponse.PendingGetCredentialHandle pendingGetCredentialHandle) {
        final GeckoResult<WebAuthnUtils.GetAssertionResponse> geckoResult = new GeckoResult<>();
        Context applicationContext = GeckoAppShell.getApplicationContext();
        CredentialManager credentialManager = (CredentialManager) applicationContext.getSystemService("credential");
        if (credentialManager == null) {
            return GeckoResult.fromException(new WebAuthnUtils.Exception("UNKNOWN_ERR"));
        }
        try {
            credentialManager.getCredential(applicationContext, pendingGetCredentialHandle, (CancellationSignal) null, applicationContext.getMainExecutor(), new OutcomeReceiver<GetCredentialResponse, GetCredentialException>() { // from class: org.mozilla.gecko.WebAuthnCredentialManager.3
                @Override // android.os.OutcomeReceiver
                public void onError(GetCredentialException getCredentialException) {
                    if (getCredentialException.getType().equals(GetCredentialCancellationException.TYPE_GET_CREDENTIAL_CANCELLATION_EXCEPTION)) {
                        GeckoResult.this.completeExceptionally(new WebAuthnUtils.Exception("ABORT_ERR"));
                    } else {
                        GeckoResult.this.completeExceptionally(new WebAuthnUtils.Exception("UNKNOWN_ERR"));
                    }
                }

                @Override // android.os.OutcomeReceiver
                public void onResult(GetCredentialResponse getCredentialResponse) {
                    String string = getCredentialResponse.getCredential().getData().getString("androidx.credentials.BUNDLE_KEY_AUTHENTICATION_RESPONSE_JSON");
                    if (string == null) {
                        GeckoResult.this.completeExceptionally(new WebAuthnUtils.Exception("DATA_ERR"));
                        return;
                    }
                    try {
                        GeckoResult.this.complete(WebAuthnUtils.getGetAssertionResponse(string));
                    } catch (IllegalArgumentException e) {
                        Log.e(WebAuthnCredentialManager.LOGTAG, "Invalid response", e);
                        GeckoResult.this.completeExceptionally(new WebAuthnUtils.Exception("DATA_ERR"));
                    } catch (JSONException e2) {
                        Log.e(WebAuthnCredentialManager.LOGTAG, "Couldn't parse response JSON", e2);
                        GeckoResult.this.completeExceptionally(new WebAuthnUtils.Exception("DATA_ERR"));
                    }
                }
            });
            return geckoResult;
        } catch (SecurityException unused) {
            return GeckoResult.fromException(new WebAuthnUtils.Exception("NOT_SUPPORTED_ERR"));
        } catch (Exception e) {
            Log.w(LOGTAG, "Couldn't get assertion", e);
            return GeckoResult.fromException(new WebAuthnUtils.Exception("UNKNOWN_ERR"));
        }
    }

    private static Bundle getRequestBundle(String str, byte[] bArr) {
        Bundle bundle = new Bundle();
        bundle.putString("androidx.credentials.BUNDLE_KEY_REQUEST_JSON", str);
        bundle.putByteArray("androidx.credentials.BUNDLE_KEY_CLIENT_DATA_HASH", bArr);
        return bundle;
    }

    private static Bundle getRequestBundleForGetAssertion(byte[] bArr, WebAuthnUtils.WebAuthnPublicCredential[] webAuthnPublicCredentialArr, GeckoBundle geckoBundle, GeckoBundle geckoBundle2, byte[] bArr2) {
        try {
            Bundle requestBundle = getRequestBundle(WebAuthnUtils.getJSONObjectForGetAssertion(bArr, webAuthnPublicCredentialArr, geckoBundle, geckoBundle2).toString(), bArr2);
            if (requestBundle == null) {
                return null;
            }
            requestBundle.putString("androidx.credentials.BUNDLE_KEY_SUBTYPE", "androidx.credentials.BUNDLE_VALUE_SUBTYPE_GET_PUBLIC_KEY_CREDENTIAL_OPTION");
            return requestBundle;
        } catch (JSONException e) {
            Log.e(LOGTAG, "Couldn't generate JSON object for request", e);
            return null;
        }
    }

    private static Bundle getRequestBundleForMakeCredential(GeckoBundle geckoBundle, byte[] bArr, byte[] bArr2, int[] iArr, WebAuthnUtils.WebAuthnPublicCredential[] webAuthnPublicCredentialArr, GeckoBundle geckoBundle2, byte[] bArr3) {
        try {
            Bundle requestBundle = getRequestBundle(WebAuthnUtils.getJSONObjectForMakeCredential(geckoBundle, bArr, bArr2, iArr, webAuthnPublicCredentialArr, geckoBundle2).toString(), bArr3);
            if (requestBundle == null) {
                return null;
            }
            Bundle bundle = new Bundle();
            bundle.putCharSequence("androidx.credentials.BUNDLE_KEY_USER_ID", Base64.encodeToString(bArr, 11));
            bundle.putString("androidx.credentials.BUNDLE_KEY_USER_DISPLAY_NAME", geckoBundle.getBundle("user").getString("displayName", ""));
            requestBundle.putBundle("androidx.credentials.BUNDLE_KEY_REQUEST_DISPLAY_INFO", bundle);
            requestBundle.putString("androidx.credentials.BUNDLE_KEY_SUBTYPE", "androidx.credentials.BUNDLE_VALUE_SUBTYPE_CREATE_PUBLIC_KEY_CREDENTIAL_REQUEST");
            return requestBundle;
        } catch (JSONException e) {
            Log.e(LOGTAG, "Couldn't generate JSON object for request", e);
            return null;
        }
    }

    public static GeckoResult<WebAuthnUtils.MakeCredentialResponse> makeCredential(GeckoBundle geckoBundle, byte[] bArr, byte[] bArr2, int[] iArr, WebAuthnUtils.WebAuthnPublicCredential[] webAuthnPublicCredentialArr, GeckoBundle geckoBundle2, byte[] bArr3) {
        if (geckoBundle2.getString("residentKey", "").equals("required") && Build.VERSION.SDK_INT >= 34) {
            Bundle requestBundleForMakeCredential = getRequestBundleForMakeCredential(geckoBundle, bArr, bArr2, iArr, webAuthnPublicCredentialArr, geckoBundle2, bArr3);
            if (requestBundleForMakeCredential == null) {
                return GeckoResult.fromException(new WebAuthnUtils.Exception("UNKNOWN_ERR"));
            }
            requestBundleForMakeCredential.putBoolean("androidx.credentials.BUNDLE_KEY_PREFER_IMMEDIATELY_AVAILABLE_CREDENTIALS", false);
            requestBundleForMakeCredential.putBoolean("androidx.credentials.BUNDLE_KEY_IS_AUTO_SELECT_ALLOWED", false);
            CreateCredentialRequest build = new CreateCredentialRequest.Builder("androidx.credentials.TYPE_PUBLIC_KEY_CREDENTIAL", requestBundleForMakeCredential, requestBundleForMakeCredential).setAlwaysSendAppInfoToProvider(true).setOrigin(geckoBundle.getString("origin")).build();
            Context applicationContext = GeckoAppShell.getApplicationContext();
            CredentialManager credentialManager = (CredentialManager) applicationContext.getSystemService("credential");
            if (credentialManager == null) {
                return GeckoResult.fromException(new WebAuthnUtils.Exception("UNKNOWN_ERR"));
            }
            final GeckoResult<WebAuthnUtils.MakeCredentialResponse> geckoResult = new GeckoResult<>();
            try {
                credentialManager.createCredential(applicationContext, build, null, applicationContext.getMainExecutor(), new OutcomeReceiver<CreateCredentialResponse, CreateCredentialException>() { // from class: org.mozilla.gecko.WebAuthnCredentialManager.1
                    @Override // android.os.OutcomeReceiver
                    public void onError(CreateCredentialException createCredentialException) {
                        String type = createCredentialException.getType();
                        if (type.equals(CreateCredentialCancellationException.TYPE_CREATE_CREDENTIAL_CANCELLATION_EXCEPTION)) {
                            GeckoResult.this.completeExceptionally(new WebAuthnUtils.Exception("ABORT_ERR"));
                        } else if (type.equals(CreateCredentialNoCreateOptionException.TYPE_CREATE_CREDENTIAL_NO_CREATE_OPTION)) {
                            GeckoResult.this.completeExceptionally(new WebAuthnUtils.Exception("NOT_SUPPORTED_ERR"));
                        } else {
                            GeckoResult.this.completeExceptionally(new WebAuthnUtils.Exception("UNKNOWN_ERR"));
                        }
                    }

                    @Override // android.os.OutcomeReceiver
                    public void onResult(CreateCredentialResponse createCredentialResponse) {
                        String string = createCredentialResponse.getData().getString("androidx.credentials.BUNDLE_KEY_REGISTRATION_RESPONSE_JSON");
                        if (string == null) {
                            GeckoResult.this.completeExceptionally(new WebAuthnUtils.Exception("DATA_ERR"));
                            return;
                        }
                        try {
                            GeckoResult.this.complete(WebAuthnUtils.getMakeCredentialResponse(string));
                        } catch (IllegalArgumentException e) {
                            Log.e(WebAuthnCredentialManager.LOGTAG, "Invalid response", e);
                            GeckoResult.this.completeExceptionally(new WebAuthnUtils.Exception("DATA_ERR"));
                        } catch (JSONException e2) {
                            Log.e(WebAuthnCredentialManager.LOGTAG, "Couldn't parse response JSON", e2);
                            GeckoResult.this.completeExceptionally(new WebAuthnUtils.Exception("DATA_ERR"));
                        }
                    }
                });
                return geckoResult;
            } catch (SecurityException unused) {
                return GeckoResult.fromException(new WebAuthnUtils.Exception("NOT_SUPPORTED_ERR"));
            } catch (Exception e) {
                Log.w(LOGTAG, iTcSusEXK.dPOeFoMnRCYN, e);
                return GeckoResult.fromException(new WebAuthnUtils.Exception("UNKNOWN_ERR"));
            }
        }
        return GeckoResult.fromException(new WebAuthnUtils.Exception("NOT_SUPPORTED_ERR"));
    }

    public static GeckoResult<PrepareGetCredentialResponse.PendingGetCredentialHandle> prepareGetAssertion(byte[] bArr, WebAuthnUtils.WebAuthnPublicCredential[] webAuthnPublicCredentialArr, GeckoBundle geckoBundle, GeckoBundle geckoBundle2, byte[] bArr2) {
        Bundle requestBundleForGetAssertion = getRequestBundleForGetAssertion(bArr, webAuthnPublicCredentialArr, geckoBundle, geckoBundle2, bArr2);
        if (requestBundleForGetAssertion == null) {
            return GeckoResult.fromValue(null);
        }
        requestBundleForGetAssertion.putBoolean("androidx.credentials.BUNDLE_KEY_IS_AUTO_SELECT_ALLOWED", webAuthnPublicCredentialArr.length > 0);
        CredentialOption build = new CredentialOption.Builder("androidx.credentials.TYPE_PUBLIC_KEY_CREDENTIAL", requestBundleForGetAssertion, requestBundleForGetAssertion).build();
        new Bundle();
        GetCredentialRequest build2 = new GetCredentialRequest.Builder(requestBundleForGetAssertion).addCredentialOption(build).setAlwaysSendAppInfoToProvider(true).setOrigin(geckoBundle.getString("origin")).build();
        Context applicationContext = GeckoAppShell.getApplicationContext();
        CredentialManager credentialManager = (CredentialManager) applicationContext.getSystemService("credential");
        if (credentialManager == null) {
            return GeckoResult.fromValue(null);
        }
        final GeckoResult<PrepareGetCredentialResponse.PendingGetCredentialHandle> geckoResult = new GeckoResult<>();
        try {
            credentialManager.prepareGetCredential(build2, null, applicationContext.getMainExecutor(), new OutcomeReceiver<PrepareGetCredentialResponse, GetCredentialException>() { // from class: org.mozilla.gecko.WebAuthnCredentialManager.2
                @Override // android.os.OutcomeReceiver
                public void onError(GetCredentialException getCredentialException) {
                    GeckoResult.this.completeExceptionally(new WebAuthnUtils.Exception("UNKNOWN_ERR"));
                }

                @Override // android.os.OutcomeReceiver
                public void onResult(PrepareGetCredentialResponse prepareGetCredentialResponse) {
                    boolean hasCredentialResults = prepareGetCredentialResponse.hasCredentialResults("androidx.credentials.TYPE_PUBLIC_KEY_CREDENTIAL");
                    boolean hasAuthenticationResults = prepareGetCredentialResponse.hasAuthenticationResults();
                    if (hasCredentialResults || hasAuthenticationResults) {
                        GeckoResult.this.complete(prepareGetCredentialResponse.getPendingGetCredentialHandle());
                    } else {
                        GeckoResult.this.complete(null);
                    }
                }
            });
            return geckoResult;
        } catch (SecurityException unused) {
            return GeckoResult.fromValue(null);
        } catch (Exception e) {
            Log.e(LOGTAG, "prepareGetCredential throws an error", e);
            return GeckoResult.fromValue(null);
        }
    }
}
