package com.citrix.fido;

import android.content.Context;
import android.graphics.Bitmap;
import android.net.Uri;
import android.os.Handler;
import android.text.TextUtils;
import android.util.Pair;
import android.webkit.JavascriptInterface;
import android.webkit.WebResourceRequest;
import android.webkit.WebView;
import android.widget.Toast;
import androidx.fragment.app.FragmentActivity;
import com.citrix.Log;
import com.citrix.browser.database.BookmarkTable;
import com.citrix.browser.droid.R;
import com.citrix.fido.publickey.AllowedCredentials;
import com.citrix.fido.publickey.CreateCredentials;
import com.citrix.fido.publickey.GetCredentials;
import com.citrix.fido.publickey.PublicKeyCreate;
import com.citrix.fido.publickey.PublicKeyGet;
import com.citrix.fido.publickey.Utils;
import com.citrix.util.HashUtil;
import com.citrix.util.Util;
import com.google.android.gms.analytics.ecommerce.Promotion;
import com.google.gson.Gson;
import dalvik.annotation.MethodParameters;
import duo.labs.webauthn.Authenticator;
import duo.labs.webauthn.exceptions.VirgilException;
import duo.labs.webauthn.exceptions.WebAuthnException;
import duo.labs.webauthn.models.AttestationObject;
import duo.labs.webauthn.models.AuthenticatorGetAssertionOptions;
import duo.labs.webauthn.models.AuthenticatorGetAssertionResult;
import duo.labs.webauthn.models.AuthenticatorMakeCredentialOptions;
import duo.labs.webauthn.models.PublicKeyCredentialDescriptor;
import duo.labs.webauthn.models.RpEntity;
import duo.labs.webauthn.models.UserEntity;
import duo.labs.webauthn.util.SelectCredentialDialogFragment;
import java.io.IOException;
import java.nio.charset.Charset;
import java.util.ArrayList;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes3.dex */
public class WebViewWebAuthenticatorBridge {
    private static final String ASSETS_BRIDGE_JS = "webauthnbridge.js";
    private static final String KEY_ATTESTATION_OBJECT_B64 = "attestationObjectB64";
    private static final String KEY_AUTHENTICATOR_DATA_JSON_B64 = "authenticatorDataB64";
    private static final String KEY_CLIENT_DATA_JSON_B64 = "clientDataJsonB64";
    private static final String KEY_ID = "id";
    private static final String KEY_RAW_ID = "rawId";
    private static final String KEY_RESPONSE = "response";
    private static final String KEY_SIGNATURE_B64 = "signatureB64";
    private static final String KEY_TYPE = "type";
    public static final String TAG = "WebViewWebauthnBridge";
    private static final String VALUE_PUBLIC_KEY = "public-key";
    private static final String WEBAUTHN_BRIDGE_INTERFACE = "webauthnbridgejava";
    private Context mActivity;
    private final Context mAppContext;
    private Authenticator mAuthenticator;
    private boolean mLoadingNewPage;
    private final WebView mWebView;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes5.dex */
    public class JsInterface {
        @MethodParameters(accessFlags = {32784}, names = {"this$0"})
        JsInterface() {
        }

        @MethodParameters(accessFlags = {0}, names = {"options"})
        @JavascriptInterface
        public void create(String str) {
            if (WebViewWebAuthenticatorBridge.this.isValidDeviceForFidoAuth()) {
                WebViewWebAuthenticatorBridge.this.javascriptPublicKeyCredentialCreate(str);
            }
        }

        @MethodParameters(accessFlags = {0}, names = {"options"})
        @JavascriptInterface
        public void get(String str) {
            if (WebViewWebAuthenticatorBridge.this.isValidDeviceForFidoAuth()) {
                WebViewWebAuthenticatorBridge.this.javascriptPublicKeyCredentialGet(str);
            }
        }

        @JavascriptInterface
        public void preventSilentAccess() {
            WebViewWebAuthenticatorBridge.this.javascriptPublicKeyCredentialPreventSilentAccess();
        }

        @MethodParameters(accessFlags = {0}, names = {"credential"})
        @JavascriptInterface
        public void store(String str) {
            WebViewWebAuthenticatorBridge.this.javascriptPublicKeyCredentialStore(str);
        }
    }

    @MethodParameters(accessFlags = {0, 0, 0}, names = {"context", "activity", "webView"})
    private WebViewWebAuthenticatorBridge(Context context, Context context2, WebView webView) throws VirgilException {
        this.mAppContext = context;
        this.mActivity = context2;
        this.mWebView = webView;
        this.mAuthenticator = new Authenticator(context, true, false);
    }

    private void addJavascriptInterfaceToWebView() {
        this.mWebView.addJavascriptInterface(new JsInterface(), WEBAUTHN_BRIDGE_INTERFACE);
    }

    @MethodParameters(accessFlags = {0, 0}, names = {"context", "webView"})
    public static WebViewWebAuthenticatorBridge createInstanceForWebView(Context context, WebView webView) throws VirgilException {
        WebViewWebAuthenticatorBridge webViewWebAuthenticatorBridge = new WebViewWebAuthenticatorBridge(citrix.android.content.Context.getApplicationContext(context), context, webView);
        webViewWebAuthenticatorBridge.addJavascriptInterfaceToWebView();
        return webViewWebAuthenticatorBridge;
    }

    @MethodParameters(accessFlags = {0}, names = {"publicKey"})
    private AuthenticatorGetAssertionOptions getAuthenticatorGetAssertionOptions(PublicKeyGet publicKeyGet) {
        byte[] sha256 = HashUtil.sha256(Utils.clientClientDataToJson(publicKeyGet));
        ArrayList arrayList = new ArrayList();
        if (publicKeyGet.getAllowCredentials().length != 0) {
            for (AllowedCredentials allowedCredentials : publicKeyGet.getAllowCredentials()) {
                arrayList.add(new PublicKeyCredentialDescriptor("public-key", Utils.jsonObjectOrArrayToByteArray(allowedCredentials.getId()), null));
            }
        }
        AuthenticatorGetAssertionOptions authenticatorGetAssertionOptions = new AuthenticatorGetAssertionOptions();
        authenticatorGetAssertionOptions.allowCredentialDescriptorList = arrayList;
        authenticatorGetAssertionOptions.clientDataHash = sha256;
        authenticatorGetAssertionOptions.requireUserPresence = false;
        authenticatorGetAssertionOptions.requireUserVerification = true;
        authenticatorGetAssertionOptions.rpId = publicKeyGet.getRpId();
        return authenticatorGetAssertionOptions;
    }

    @MethodParameters(accessFlags = {0}, names = {"publicKey"})
    private AuthenticatorMakeCredentialOptions getAuthenticatorMakeCredentialOptions(PublicKeyCreate publicKeyCreate) {
        byte[] sha256 = HashUtil.sha256(Utils.clientClientDataToJson(publicKeyCreate));
        ArrayList arrayList = new ArrayList();
        arrayList.add(new Pair("public-key", -7L));
        RpEntity rpEntity = new RpEntity();
        rpEntity.id = publicKeyCreate.getRp().getId();
        rpEntity.name = publicKeyCreate.getRp().getName();
        UserEntity userEntity = new UserEntity();
        userEntity.displayName = publicKeyCreate.getUser().getDisplayName();
        userEntity.name = publicKeyCreate.getUser().getName();
        userEntity.id = Utils.jsonObjectOrArrayToByteArray(publicKeyCreate.getUser().getId());
        AuthenticatorMakeCredentialOptions authenticatorMakeCredentialOptions = new AuthenticatorMakeCredentialOptions();
        authenticatorMakeCredentialOptions.clientDataHash = sha256;
        authenticatorMakeCredentialOptions.credTypesAndPubKeyAlgs = arrayList;
        authenticatorMakeCredentialOptions.requireResidentKey = true;
        authenticatorMakeCredentialOptions.requireUserPresence = false;
        authenticatorMakeCredentialOptions.requireUserVerification = true;
        authenticatorMakeCredentialOptions.rpEntity = rpEntity;
        authenticatorMakeCredentialOptions.userEntity = userEntity;
        return authenticatorMakeCredentialOptions;
    }

    @MethodParameters(accessFlags = {0}, names = {"options"})
    private PublicKeyCreate getPublicKeyCreate(String str) {
        return ((CreateCredentials) new Gson().fromJson(str, CreateCredentials.class)).getPublicKey();
    }

    @MethodParameters(accessFlags = {0}, names = {"options"})
    private PublicKeyGet getPublicKeyGet(String str) {
        return ((GetCredentials) new Gson().fromJson(str, GetCredentials.class)).getPublicKey();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void injectJavascriptBridge() {
        try {
            this.mWebView.evaluateJavascript("javascript:(" + Util.loadTextFromAssets(this.mAppContext, ASSETS_BRIDGE_JS, Charset.defaultCharset()) + ")()", null);
        } catch (IOException unused) {
            Log.e(TAG, "IllegalStateException");
        }
    }

    private void injectOnInterceptRequest() {
        if (this.mLoadingNewPage) {
            this.mLoadingNewPage = false;
            new Handler(citrix.android.content.Context.getMainLooper(this.mAppContext)).postAtFrontOfQueue(new Runnable() { // from class: com.citrix.fido.WebViewWebAuthenticatorBridge$$ExternalSyntheticLambda2
                @Override // java.lang.Runnable
                public final void run() {
                    WebViewWebAuthenticatorBridge.this.injectJavascriptBridge();
                }
            });
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isValidDeviceForFidoAuth() {
        if (!Util.isAndroidPOrAbove()) {
            showToast(R.string.fido_support_error);
            return false;
        }
        if (Util.isBiometryAvailable()) {
            return true;
        }
        showToast(R.string.fido_biometric_setup__error);
        return false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    @MethodParameters(accessFlags = {0}, names = {"options"})
    public void javascriptPublicKeyCredentialCreate(String str) {
        Log.i(TAG, "javascriptPublicKeyCredentialCreate : " + str);
        final PublicKeyCreate publicKeyCreate = getPublicKeyCreate(str);
        AuthenticatorMakeCredentialOptions authenticatorMakeCredentialOptions = getAuthenticatorMakeCredentialOptions(publicKeyCreate);
        try {
            Authenticator authenticator = this.mAuthenticator;
            Context context = this.mAppContext;
            final AttestationObject makeCredential = authenticator.makeCredential(authenticatorMakeCredentialOptions, context, null, citrix.android.content.Context.getString(context, R.string.fido_registration));
            this.mWebView.getHandler().post(new Runnable() { // from class: com.citrix.fido.WebViewWebAuthenticatorBridge$$ExternalSyntheticLambda1
                @Override // java.lang.Runnable
                public final void run() {
                    WebViewWebAuthenticatorBridge.this.m39x118ac4d8(publicKeyCreate, makeCredential);
                }
            });
        } catch (VirgilException | WebAuthnException e) {
            Log.e(TAG, e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    @MethodParameters(accessFlags = {0}, names = {"options"})
    public void javascriptPublicKeyCredentialGet(String str) {
        Log.i(TAG, "javascriptPublicKeyCredentialGet : " + str);
        final PublicKeyGet publicKeyGet = getPublicKeyGet(str);
        AuthenticatorGetAssertionOptions authenticatorGetAssertionOptions = getAuthenticatorGetAssertionOptions(publicKeyGet);
        SelectCredentialDialogFragment selectCredentialDialogFragment = new SelectCredentialDialogFragment();
        selectCredentialDialogFragment.populateFragmentActivity((FragmentActivity) this.mActivity);
        try {
            Authenticator authenticator = this.mAuthenticator;
            Context context = this.mAppContext;
            final AuthenticatorGetAssertionResult assertion = authenticator.getAssertion(authenticatorGetAssertionOptions, selectCredentialDialogFragment, context, null, citrix.android.content.Context.getString(context, R.string.fido_signin));
            this.mWebView.getHandler().post(new Runnable() { // from class: com.citrix.fido.WebViewWebAuthenticatorBridge$$ExternalSyntheticLambda0
                @Override // java.lang.Runnable
                public final void run() {
                    WebViewWebAuthenticatorBridge.this.m40x93ffed4b(publicKeyGet, assertion);
                }
            });
        } catch (VirgilException | WebAuthnException e) {
            Log.e(TAG, e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void javascriptPublicKeyCredentialPreventSilentAccess() {
    }

    /* JADX INFO: Access modifiers changed from: private */
    @MethodParameters(accessFlags = {0}, names = {"credential"})
    public void javascriptPublicKeyCredentialStore(String str) {
        Log.i(TAG, "javascriptPublicKeyCredentialGet : " + str);
    }

    @MethodParameters(accessFlags = {0, 0}, names = {"publicKey", "attestationObject"})
    private String publicKeyCredentialToJsonString(PublicKeyCreate publicKeyCreate, AttestationObject attestationObject) {
        JSONObject jSONObject = new JSONObject();
        try {
            JSONObject jSONObject2 = new JSONObject();
            jSONObject2.put(KEY_ATTESTATION_OBJECT_B64, Utils.encodeToString(attestationObject.asCBOR()));
            jSONObject2.put(KEY_CLIENT_DATA_JSON_B64, Utils.encodeToString(Utils.clientClientDataToJson(publicKeyCreate).getBytes()));
            jSONObject.put("type", "public-key");
            jSONObject.put(KEY_RAW_ID, Utils.encodeToString(attestationObject.getCredentialId()));
            jSONObject.put("id", Utils.encodeToString(attestationObject.getCredentialId()));
            jSONObject.put(KEY_RESPONSE, jSONObject2);
            return jSONObject.toString();
        } catch (VirgilException | JSONException unused) {
            return "";
        }
    }

    @MethodParameters(accessFlags = {0, 0}, names = {"publicKey", "assertionResult"})
    private String publicKeyGetToJsonString(PublicKeyGet publicKeyGet, AuthenticatorGetAssertionResult authenticatorGetAssertionResult) {
        JSONObject jSONObject = new JSONObject();
        try {
            JSONObject jSONObject2 = new JSONObject();
            jSONObject2.put(KEY_SIGNATURE_B64, Utils.encodeToString(authenticatorGetAssertionResult.signature));
            jSONObject2.put(KEY_CLIENT_DATA_JSON_B64, Utils.encodeToString(Utils.clientClientDataToJson(publicKeyGet).getBytes()));
            jSONObject2.put(KEY_AUTHENTICATOR_DATA_JSON_B64, Utils.encodeToString(authenticatorGetAssertionResult.authenticatorData));
            jSONObject.put("type", "public-key");
            jSONObject.put(KEY_RAW_ID, Utils.encodeToString(Utils.jsonObjectOrArrayToByteArray(publicKeyGet.getAllowCredentials()[0].getId())));
            jSONObject.put("id", Utils.encodeToString(Utils.jsonObjectOrArrayToByteArray(publicKeyGet.getAllowCredentials()[0].getId())));
            jSONObject.put(KEY_RESPONSE, jSONObject2);
            return jSONObject.toString();
        } catch (JSONException unused) {
            return "";
        }
    }

    @MethodParameters(accessFlags = {0}, names = {"messageId"})
    private void showToast(int i) {
        Toast.makeText(this.mAppContext, i, 0).show();
    }

    @MethodParameters(accessFlags = {0, 0, 0}, names = {Promotion.ACTION_VIEW, "url", BookmarkTable.COLUMN_FAVICON})
    public void delegateOnPageStarted(WebView webView, String str, Bitmap bitmap) {
        this.mLoadingNewPage = false;
        if (!TextUtils.isEmpty(str) && "https".equalsIgnoreCase(Uri.parse(str).getScheme())) {
            this.mLoadingNewPage = true;
        }
    }

    @MethodParameters(accessFlags = {0, 0}, names = {Promotion.ACTION_VIEW, "request"})
    public void delegateShouldInterceptRequest(WebView webView, WebResourceRequest webResourceRequest) {
        injectOnInterceptRequest();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lambda$javascriptPublicKeyCredentialCreate$1$com-citrix-fido-WebViewWebAuthenticatorBridge, reason: not valid java name */
    public /* synthetic */ void m39x118ac4d8(PublicKeyCreate publicKeyCreate, AttestationObject attestationObject) {
        this.mWebView.evaluateJavascript("javascript:webauthnbridge.handleResolve(" + publicKeyCredentialToJsonString(publicKeyCreate, attestationObject) + ")", null);
        Log.i(TAG, "attestationObject : " + attestationObject.toString());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lambda$javascriptPublicKeyCredentialGet$0$com-citrix-fido-WebViewWebAuthenticatorBridge, reason: not valid java name */
    public /* synthetic */ void m40x93ffed4b(PublicKeyGet publicKeyGet, AuthenticatorGetAssertionResult authenticatorGetAssertionResult) {
        String publicKeyGetToJsonString = publicKeyGetToJsonString(publicKeyGet, authenticatorGetAssertionResult);
        Log.i(TAG, publicKeyGetToJsonString);
        this.mWebView.evaluateJavascript("javascript:webauthnbridge.handleResolve(" + publicKeyGetToJsonString + ")", null);
    }
}
